Closed sherlock-admin2 closed 4 months ago
2 comment(s) were left on this issue during the judging contest.
z3s commented:
Invalid; _addLiquidity() checks it, anyway.
DHTNS commented:
Invalid -> paused checks are there in _addLiquidity function
Dots
medium
Paused state is not checked in deposit function
Summary
Paused state is not checked.
Vulnerability Detail
The strategy can be paused under certain periods that are considered to be dangerous for the system. This is usually done to protect the system from attacks or to prevent the system from making bad decisions.
However, the deposit function doesn't perform checks on whether the system is paused or not. This means that users can still interact with the system, even though it is paused. This can lead to unexpected behavior and potential losses for the users.
Impact
This issue can lead to unexpected behavior and potential losses for the users.
Code Snippet
https://github.com/sherlock-audit/2024-05-beefy-cowcentrated-liquidity-manager/blob/main/cowcentrated-contracts/contracts/strategies/velodrome/StrategyPassiveManagerVelodrome.sol#L204-L219
Tool used
Manual Review
Recommendation