dod4ufn - incase_token_got_stuck_handler does not update protocol state leading to corrupted state

[sherlock-admin4]

dod4ufn

High

incase_token_got_stuck_handler does not update protocol state leading to corrupted state

Summary

The function incase_token_got_stuck_handler does not properly update the pool’s state when transferring tokens from the pool to the admin, which results in corrupted state.

Vulnerability Detail

When calling deposit , withdraw , claim_fee , claim_fee_amount , or swap the pool’s state is properly updated i.e. the reserve and unclaimed_fee variables are checked and increased or decreased.

This is not the case for the incase_token_got_stuck_handler function where there are no checks or updates to the state. Which leads to the rest of the functions to revert if the checks do not hold true.

E.g. when trying to swap amounts that the pool’s reserve says there is enough reserve to swap, but the token_vault’s amount is not sufficient.

Impact

The pool’s core functionality will be unusable if incase_token_got_stuck_handler is used. The issue cannot be reversed since there is no mechanism to correct the corrupted pool state.

Code Snippet

incase_token_got_stuck function withdraw’s function checks and state update swap’s sanity check that will revert

Tool used

Manual Review

Recommendation

Properly update the pool state’s reserve and unclaimed_fee so that the pool’s state is not corrupted, and trading may be resumed.

[toprince]

Not valid. It is emergency call to protect the coin in vault.