Open hats-bug-reporter[bot] opened 1 month ago
aktech297
commented
1 month ago @bgibers
Nomination agents that are linked to pools in a destroying or blocked state will cause the compound and stake functions to revert. This is because any attempt to bond extra or join these pools will fail.
why do you need to allow join in the pool that is going to be destroyed ? reverting would be fair and that is what intended too.
kakarottosama
commented
1 month ago @bgibers Isn't this an expected behaviour? also there is no financial loss (?) at best this could be a low, to add check for a better revert information.
bgibers
commented
1 month ago @kakarottosama This is not expected behavior. There's several issues for when a pool is in a destroying/blocked state, that will need to be mitigated. Probably by Kintsu owning/controlling the pools that are linked to nomination agents. At the time of this competition this was not part of our design, but we will be leaning towards that pattern to prevent a number of issues in the future
Github username: @0xmahdirostami Twitter username: 0xmahdirostami Submission hash (on-chain): 0x21f09c4ad7f9657359133b89c249d647c2c4039a13218fdd168db29ec8e97f5d Severity: medium
Description: Description Nomination agents that are linked to pools in a destroying or blocked state will cause the
compoundandstakefunctions to revert. This is because any attempt to bond extra or join these pools will fail.Attack Scenario If one of the pools transitions to a destroying or blocked state, any attempt to bond extra or join the pool will revert, causing the
compoundandstakefunctions to fail. This leads to a denial of service (DoS) for these functions.Impact Denial of service (DoS) in
stakeandcompoundfunctions, preventing users from staking or compounding their funds.Revised Code File (Optional) To prevent this issue, we should check the state of each pool associated with a nomination agent before attempting to bond extra or join. If the pool is in a destroying or blocked state, the function should skip that agent.