Dandy Lavender Terrier - reset instructions will not work

[sherlock-admin2]

Dandy Lavender Terrier

Medium

reset instructions will not work

Summary

The reset instruction first assigns the ownership of the PDA to System and then tries to realloc its size to zero. This is not possible as after assigning ownership to System, only System will have the rights to do this.

Root Cause

After the ownership of PDA is assigned to System, no account other than System can change its size. This issue exists in both reset_oapp.rs and reset_vault.rs: https://github.com/sherlock-audit/2024-09-orderly-network-solana-contract/blob/main/solana-vault/packages/solana/contracts/programs/solana-vault/src/instructions/oapp_instr/reset_oapp.rs#L7-L28 https://github.com/sherlock-audit/2024-09-orderly-network-solana-contract/blob/main/solana-vault/packages/solana/contracts/programs/solana-vault/src/instructions/vault_instr/reset_vault.rs#L7-L29

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

reset+reinit flow is not possible to use.

PoC

No response

Mitigation

Here is a recommended way to close accounts:

#[program]
pub mod closing_accounts_recommended {
    use super::*;

    pub fn close(ctx: Context<Close>) -> ProgramResult {
        Ok(())
    }
}

#[derive(Accounts)]
pub struct Close<'info> {
    #[account(mut, close = destination)]
    account: Account<'info, Data>,
    #[account(mut)]
    destination: AccountInfo<'info>,
}

#[account]
pub struct Data {
    data: u64,
}

close constraint will make it so that the account is deleted and remaining SOL is sent to destination, after this you can initialize PDA as usual.