nevillehuang
commented
3 months ago Invalid, FeeFacet.sol is OOS of this contest
Closed sherlock-admin3 closed 3 months ago
nevillehuang
commented
3 months ago Invalid, FeeFacet.sol is OOS of this contest
nikhil840096
Medium
Missing Function Signature in Diamond Proxy Contract Deployment
Summary
During the deployment of the Diamond Proxy Contract, an issue has been identified where the function present in the facets but not being added correctly. Specifically, the
cancelClaimRewards()function fromfeefaucet.solis missing from the interfaceIFEE.sol. This oversight results in the absence of this function's signature in the facet list, potentially leading to unintended disruptions in the protocol's functionality.Vulnerability Detail
In the Diamond Proxy pattern, facets are used to implement specific functionalities which can be added or removed dynamically. During the deployment, each facet's interface is used to generate function signatures, which are then included in the facet list. These function signatures are crucial for routing calls to the correct facet functions.
However, it has been observed that the
cancelClaimRewards()function present infeefaucet.solis not included in theIFEE.solinterface. This omission leads to the absence of thecancelClaimRewards()function signature during the deployment process.Impact
Users who will want to cancel there
clamRewardrequest they will not be able to cancel it.Code Snippet
https://github.com/sherlock-audit/2024-05-elfi-protocol/blob/main/elfi-perp-contracts/contracts/facets/FeeFacet.sol#L47 https://github.com/sherlock-audit/2024-05-elfi-protocol/blob/main/elfi-perp-contracts/contracts/interfaces/IFee.sol
Tool used
Manual Review
Recommendation
Update the Interface: Include the
cancelClaimRewards()function in theIFEE.solinterface.