search

sherlock-audit / 2024-06-mellow-judging

7 stars 3 forks source link

hals - `RestrictingKeeper.processConfigurators()` is not protected #301

Closed sherlock-admin2 closed 3 months ago

sherlock-admin2 commented 4 months ago

hals

Medium

RestrictingKeeper.processConfigurators() is not protected

Summary

RestrictingKeeper.processConfigurators() is not protected as it allows any party to prevent updating vital vaults configuration.

Vulnerability Detail

RestrictingKeeper.processConfigurators() function is meant to rollback (delete uncommitted updates) some vital vaults configurations as _baseDelay, _maximalTotalSupplyDelay and _maximalTotalSupply:

    function processConfigurators(
        VaultConfigurator[] memory configurators
    ) external {
        for (uint256 i = 0; i < configurators.length; i++) {
            VaultConfigurator configurator = configurators[i];
            configurator.rollbackStagedBaseDelay();
            configurator.rollbackStagedMaximalTotalSupplyDelay();
            configurator.rollbackStagedMaximalTotalSupply();
        }
    }

where accessing any of these functions in the VaultConfigurator contract require the admin privilage:

 function rollbackStagedBaseDelay() external onlyAdmin nonReentrant {
        _rollback(_baseDelay);
    }

Impact

Unprotecting the RestrictingKeeper.processConfigurators() function with a proper access control modifier will enable anyone from preventing updating these valuts configurations.

Code Snippet

https://github.com/sherlock-audit/2024-06-mellow/blob/26aa0445ec405a4ad637bddeeedec4efe1eba8d2/mellow-lrt/src/utils/RestrictingKeeper.sol#L6C1-L16C6

Tool used

Manual Review

Recommendation

Add a proper access modifier for the RestrictingKeeper.processConfigurators() function.

Duplicate of #143