Closed sherlock-admin closed 7 months ago
1 comment(s) were left on this issue during the judging contest.
takarez commented:
invalid: admin functionality == trusted
Invalid, trusted admin input error, not valid based on sherlock rules, see point 5.
Atharv
medium
Missed Require statement, If values not set properly then no-one can enable the validator and hence DOS
Summary
Missing the Require check result in the DOS.
Vulnerability Detail
In the
OperationalStaking.sol::initialize()
function we are setting the variablevalidatorMaxStake
. And also we are assigning the value to variablevalidatorEnableMinStake
=DEFAULT_VALIDATOR_ENABLE_MIN_STAKE
. If we set the value ofwe cannot enable the validator.
Here
We are calculating the staked amount and
checking it should be greater than
validatorEnableMinStake
ButvalidatorMaxStake
<validatorEnableMinStake
hence transaction will get reverts and we cannot enable the validatorImpact
Medium
Severity: High Likelihood: Low
Code Snippet
Tool used
Manual Review
Recommendation