Detailed description of the impact of this finding.
There is no check for _requireNotTradingPausedOrFrozen in the stake. stake can happen when there is paused or frozen
Proof of Concept
Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.
function stake(uint256 rsrAmount) public {
@>> _notZero(rsrAmount);
_payoutRewards();
// Mint new stakes
address caller = _msgSender();
mintStakes(caller, rsrAmount);
// == Interactions ==
IERC20Upgradeable(address(rsr)).safeTransferFrom(caller, address(this), rsrAmount);
}
Lines of code
https://github.com/code-423n4/2024-07-reserve/blob/main/contracts/p1/StRSR.sol#L227
Vulnerability details
Impact
Detailed description of the impact of this finding. There is no check for _requireNotTradingPausedOrFrozen in the stake. stake can happen when there is paused or frozen
Proof of Concept
Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.
Tools Used
Recommended Mitigation Steps
use _requireNotTradingPausedOrFrozen in stake.
Assessed type
Context