hats-finance / VMEX-0x050183b53cf62bcd6c2a932632f8156953fd146f

LP token lending protocol
MIT License

Contract can accept funds with no way of extracting them #8

Open hats-bug-reporter[bot] opened 1 year ago

hats-bug-reporter[bot] commented 1 year ago

Github username: --
Beneficiary: 0x32cb680634a33d107FDe4CE3b0EF21F07158701B
Submission hash (on-chain): 0x547cd06bc6b1009088bb35eb62a4e97d614031a3248ec8e2f3e46461eeb89324
Severity: medium severity

Description:

Summary

Contract can accept funds with no way of extracting them

Vulnerability Detail

Contracts with payable functions (including receive) can accumulate Ether over time. If there's no method to withdraw these funds, they can remain trapped in the contract indefinitely, resulting in lost resources and a potential financial loss.

Code Snippet

VMEXOracle.sol: 35-35

35: contract VMEXOracle is Initializable, IPriceOracleGetter

VMEXOracle.sol: 409-409

409: receive() external payable {

Recommendation

To resolve this, a secure withdraw function should be implemented. It's recommended to limit access to this function, typically to the contract's owner or a specific set of trusted addresses. Also, to prevent re-entrancy attacks, the Checks-Effects-Interactions (CEI) pattern should be followed where state changes (effect) occur before external calls (interactions).
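The pattern the recommendation describes, written out as an added illustration (this is not VMEX or Aave code): a contract whose `receive()` traps Ether next to a hypothetical variant with an owner-restricted `withdraw` that follows Checks-Effects-Interactions and a reentrancy guard. The `owner`, event and error names are assumptions for the illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Illustrative only: the shape of the issue the report describes.
// Ether sent here is accepted but there is no code path to move it out.
contract TrappedEther {
    receive() external payable {}
}

// Hypothetical hardened variant implementing the report's recommendation.
contract RecoverableEther {
    address public immutable owner;   // single trusted withdrawer (assumption)
    bool private _locked;             // simple reentrancy latch

    event Received(address indexed from, uint256 amount);
    event Withdrawn(address indexed to, uint256 amount);

    error NotOwner();
    error Reentrant();
    error InsufficientBalance(uint256 requested, uint256 available);
    error TransferFailed();

    modifier onlyOwner() {
        if (msg.sender != owner) revert NotOwner();
        _;
    }

    modifier nonReentrant() {
        if (_locked) revert Reentrant();
        _locked = true;
        _;
        _locked = false;
    }

    constructor(address _owner) {
        owner = _owner;
    }

    receive() external payable {
        emit Received(msg.sender, msg.value);
    }

    // Checks: caller is the owner, amount is covered by the balance.
    // Effects: the withdrawal is recorded (event) before any external call.
    // Interactions: the value transfer is the final step, so a re-entering
    // callee finds the guard set and the log already emitted.
    function withdraw(address payable to, uint256 amount) external onlyOwner nonReentrant {
        uint256 available = address(this).balance;
        if (amount > available) revert InsufficientBalance(amount, available);
        emit Withdrawn(to, amount);
        (bool ok, ) = to.call{value: amount}("");
        if (!ok) revert TransferFailed();
    }
}
```

The hardened variant replaces "funds are stuck" with "one privileged key can move funds", which is a trust assumption of its own and the reason a protocol may deliberately omit such a function.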

ksyao2002 commented 1 year ago

This is not a security concern, but rather a matter of preference. Enabling trusted actors to withdraw funds out of the protocol comes with its own risks, which is why Aave v2 did not include such an ability to begin with.