Transaction can not be challenged during the pause, which can lead to transaction to be maliciously executed
Summary
When contract is paused, function challengeTransaction() is also paused, and there is no extended time after pausing, which could make malicious transaction executed
Vulnerability Detail
In the TelcoinDistributor contract, function challengeTransaction is used by council member to challenge the transaction in the challenge period:
function challengeTransaction(
uint256 transactionId
) external onlyCouncilMember whenNotPaused {
// Makes sure the id exists
require(
transactionId < proposedTransactions.length,
"TelcoinDistributor: Invalid index"
);
// Reverts if the current time exceeds the sum of the transaction's timestamp and the challenge period
require(
block.timestamp <=
proposedTransactions[transactionId].timestamp + challengePeriod,
"TelcoinDistributor: Challenge period has ended"
);
// Sets the challenged flag of the proposed transaction to true
proposedTransactions[transactionId].challenged = true;
// Emits an event with the transaction ID and the challenger's address
emit TransactionChallenged(transactionId, _msgSender());
}
It use whenNotPaused, which mean function can not be executed when contract is paused (when contract is hacked, ...), but there is no extend for the time when contract is paused, which can be seen at executeTransaction() function:
require(
block.timestamp >
proposedTransactions[transactionId].timestamp + challengePeriod,
"TelcoinDistributor: Challenge period has not ended"
);
It only check if challengePeriod is passed or not, it do not calculate the time when contract is paused
Impact
Malicious transaction can be executed when contract is paused long enough
grearlake
medium
Transaction can not be challenged during the pause, which can lead to transaction to be maliciously executed
Summary
When contract is paused, function
challengeTransaction()
is also paused, and there is no extended time after pausing, which could make malicious transaction executedVulnerability Detail
In the
TelcoinDistributor
contract, functionchallengeTransaction
is used by council member to challenge the transaction in the challenge period:It use
whenNotPaused
, which mean function can not be executed when contract is paused (when contract is hacked, ...), but there is no extend for the time when contract is paused, which can be seen atexecuteTransaction()
function:It only check if
challengePeriod
is passed or not, it do not calculate the time when contract is pausedImpact
Malicious transaction can be executed when contract is paused long enough
Code Snippet
https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/protocol/core/TelcoinDistributor.sol#L115-#L136
Tool used
Manual Review
Recommendation
Calculate the time when contract is paused when execute challenge
Duplicate of #24