search

code-423n4 / 2024-06-renzo-mitigation-findings

0 stars 0 forks source link

M-02 MitigationConfirmed #52

Open c4-bot-10 opened 5 months ago

c4-bot-10 commented 5 months ago

Lines of code

Vulnerability details

C4 Issue

M-02: https://github.com/code-423n4/2024-04-renzo-findings/issues/569

Issue Details

In WithdrawQueue contract, PausableUpgradable is inherited to provide pausing capabilities to the administrator on users' withdrawals and claims. But it is not implemented in withdraw() and claim() function:

function withdraw(uint256 _amount, address _assetOut) external nonReentrant {
     ...
}

function claim(uint256 withdrawRequestIndex) external nonReentrant {
     ...
}

Mitigation

Mitigation successfully mitigates the original issue by add WhenNotPaused modifier to withdraw() and claim() function.

Conclusion

Mitigation confirmed

c4-judge commented 5 months ago

alcueca marked the issue as satisfactory