search

sherlock-audit / 2024-05-beefy-cowcentrated-liquidity-manager-judging

5 stars 5 forks source link

jasonxiale - `StrategyPassiveManagerVelodrome.retireVault` can be DOSed #124

Closed sherlock-admin4 closed 2 months ago

sherlock-admin4 commented 2 months ago

jasonxiale

medium

StrategyPassiveManagerVelodrome.retireVault can be DOSed

Summary

StrategyPassiveManagerVelodrome.retireVault can be used to terminate the contract, after calling the function, the contract will be paused, the ownership will be tranferred to address(0). When the ownership is tranferred to address(0), the paused contract can't be unpaused again because of StrategyPassiveManagerVelodrome.sol#L819

Vulnerability Detail

In StrategyPassiveManagerVelodrome.retireVault there is a check that IBeefyVaultConcLiq(vault).totalSupply() must be 10**3, otherwise the function will revert in StrategyPassiveManagerVelodrome.sol#L794, so to DoS the function, a malicious only needs to deposit one share in the vault

Impact

StrategyPassiveManagerVelodrome.retireVault can be used to terminate the contract, after calling the function, the contract will be paused, the ownership will be tranferred to address(0). When the ownership is tranferred to address(0), the paused contract can't be unpaused again because of StrategyPassiveManagerVelodrome.sol#L819

Code Snippet

https://github.com/sherlock-audit/2024-05-beefy-cowcentrated-liquidity-manager/blob/42ef5f0eac1bc954e888cf5bfb85cbf24c08ec76/cowcentrated-contracts/contracts/strategies/velodrome/StrategyPassiveManagerVelodrome.sol#L794

Tool used

Manual Review

Recommendation

sherlock-admin4 commented 2 months ago

1 comment(s) were left on this issue during the judging contest.

z3s commented:

Invalid; Retired vault is not supposed to be unpaused.