SFrxETHAdapter._stake() fails to check if submit is paused for frxETHMinter.
Summary
submit could be paused in the frxETHMinter at the time when SFrxETHAdapter._stake() is attempted and such scenarios isn't taken care of.
Vulnerability Detail
here is a code snippet from frxETHMinter on ETherscan and it has a require statement to ensure a revert whenever submitPaused == true. see here
/// @notice Mint frxETH to the recipient using sender's funds. Internal portion
function _submit(address recipient) internal nonReentrant {
// Initial pause and value checks
require(!submitPaused, "Submit is paused");
require(msg.value != 0, "Cannot submit 0");
The issue is that this is completedly neglected by SFrxETHAdapter._stake() as it doesn't check if the submitPaused is set to TRUE in the frxETHMinter, before attempting to submit in SFrxETHAdapter._stake().
function _stake(uint256 stakeAmount) internal override returns (uint256) {
IWETH9(Constants.WETH).withdraw(stakeAmount);
FRXETH_MINTER.submit{value: stakeAmount}(); //@audit-issue submit could be paused for frxETHMinter..
uint256 received = STAKED_FRXETH.deposit(stakeAmount, address(this));
if (received == 0) revert InvariantViolation();
return stakeAmount;
}
Impact
whenever submitPaused is set to TRUE in the frxETHMinter, prefundedDeposit will likely always revert for SFrxETHAdapter. this will DOS tranche.issue() if adapter is SFrxETHAdapter
in SFrxETHAdapter._stake() check the frxETHMinter if submitPaused is set to TRUE and look for a way to handle such scenarios in a way that it wouldn't affect SFrxETHAdapter's prefundedDeposit. So as to avoid DOS whenever it is called by Tranche.issue()
AuditorPraise
medium
SFrxETHAdapter._stake() fails to check if
submit
is paused for frxETHMinter.Summary
submit could be paused in the frxETHMinter at the time when SFrxETHAdapter._stake() is attempted and such scenarios isn't taken care of.
Vulnerability Detail
here is a code snippet from frxETHMinter on ETherscan and it has a require statement to ensure a revert whenever submitPaused == true. see here
The issue is that this is completedly neglected by SFrxETHAdapter._stake() as it doesn't check if the submitPaused is set to TRUE in the frxETHMinter, before attempting to submit in SFrxETHAdapter._stake().
Impact
whenever submitPaused is set to TRUE in the frxETHMinter, prefundedDeposit will likely always revert for SFrxETHAdapter. this will DOS tranche.issue() if adapter is SFrxETHAdapter
Code Snippet
https://github.com/sherlock-audit/2024-01-napier/blob/main/napier-v1/src/adapters/frax/SFrxETHAdapter.sol#L74
Tool used
Manual Review
Recommendation
in SFrxETHAdapter._stake() check the frxETHMinter if submitPaused is set to TRUE and look for a way to handle such scenarios in a way that it wouldn't affect SFrxETHAdapter's prefundedDeposit. So as to avoid DOS whenever it is called by Tranche.issue()