Closed sherlock-admin3 closed 2 months ago
2 comment(s) were left on this issue during the judging contest.
z3s commented:
Invalid; panic() calls _pause() too.
DHTNS commented:
Invalid -> works as intended if vault retired then no need to unpause
aman
medium
The unpause function is not logically correct
Summary
The Contest ReadMe states that
The unpause function will always revert due to this check: if (owner() == address(0)) revert NotAuthorized(); because the pause function can only be called when the strategy owner calls retireVault.
Vulnerability Detail
The strategy supports the pausable feature, which allows the owner of the strategy to pause and unpause the strategy. However, in StrategyPassiveManagerVelodrome the only instance where the strategy can be paused is inside retireVault. Let's have a look at the retireVault code:
As can be observed, at line 801 the ownership of the strategy has been transferred to address(0). Now let's have a look at the unpause function:
At line 821 we check that if owner == address(0) then revert. So the use case where this function could be used is not possible in the current implementation.
Impact
The unpause function will never be executed successfully.
Code Snippet
https://github.com/sherlock-audit/2024-05-beefy-cowcentrated-liquidity-manager/blob/main/cowcentrated-contracts/contracts/strategies/velodrome/StrategyPassiveManagerVelodrome.sol#L799
https://github.com/sherlock-audit/2024-05-beefy-cowcentrated-liquidity-manager/blob/main/cowcentrated-contracts/contracts/strategies/velodrome/StrategyPassiveManagerVelodrome.sol#L818-L824
Tool used
Manual Review
Recommendation
Add another function which will allow the owner to pause the strategy. Perform all the things which are done in retireVault but don't transfer the ownership to address(0).