Topmark - Dos due to Absence of Unblocked Functionality for Blocked Account Version

[sherlock-admin2]

Topmark

medium

Dos due to Absence of Unblocked Functionality for Blocked Account Version

Summary

Denial of Service due to Absence of Unblocked Functionality for Blocked Account Version in the Factory.sol contract

Vulnerability Detail

function blockAccountVersion(uint256 version) external onlyOwner {
        if (version == 0 || version > latestAccountVersion) revert FactoryErrors.InvalidAccountVersion();
        accountVersionBlocked[version] = true;

        // unsafe cast: accountVersion <= latestAccountVersion, which is a uint88.
        emit AccountVersionBlocked(uint88(version));
    }

The code above shows how blockAccountVersion(...) Function is impemented in the Factory contract, the problem is that only Block functionality is present in the contract, in a situation this values are needed for reused latter in the contract, there is no unblock function to reverse this sensitive changes thereby causing denial of service as this is not reversible, and therefore a parmanent problem

Impact

Denial of Service due to Absence of Unblocked Functionality for Blocked Account Version in the Factory.sol contract

Code Snippet

https://github.com/sherlock-audit/2023-12-arcadia/blob/main/accounts-v2/src/Factory.sol#L297

Tool used

Manual Review

Recommendation

Arcadia Protocol should ensure an Unblock functionality is added to the factory contract to prevent denial of service in situation blocked version are need for reuse in code execution

[sherlock-admin2]

1 comment(s) were left on this issue during the judging contest.

takarez commented:

invalid

[nevillehuang]

Invalid, feature request, blockAccountVersion() is an admin permissioned function, so if they wish to block an account version without reversing, it is up to their discretion