Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ineffective Pausing Mechanism #33

Open
c4-bot-9 opened this issue Jun 6, 2024 · 4 comments
Open

Ineffective Pausing Mechanism #33

c4-bot-9 opened this issue Jun 6, 2024 · 4 comments
Labels
bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue edited-by-warden grade-a QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax

Comments

@c4-bot-9
Copy link
Contributor

c4-bot-9 commented Jun 6, 2024
edited by c4-bot-2
Loading

Lines of code

https://github.com/code-423n4/2024-04-renzo/blob/1c7cc4e632564349b204b4b5e5f494c9b0bc631d/contracts/Bridge/L2/xRenzoDeposit.sol#L168
https://github.com/code-423n4/2024-04-renzo/blob/1c7cc4e632564349b204b4b5e5f494c9b0bc631d/contracts/Bridge/L2/xRenzoDeposit.sol#L204

Vulnerability details

Vulnerability Details:

The protocol has the ability to pause user deposits and withdrawals if necessary, for instance, due to the identification of a vulnerability or during a contract upgrade. However, the current implementation’s pausing capability does not account for deposits made from Layer 2 networks. As seen below, the depositETH and deposit functions in the xRenzoDeposit L2 contract lack a clear way to be halted if necessary.

    function depositETH(uint256 _minOut, uint256 _deadline) external payable nonReentrant returns (uint256) {
        ...
        return _deposit(wrappedAmount, _minOut, _deadline);
    }
    function deposit(uint256 _amountIn, uint256 _minOut, uint256 _deadline) external nonReentrant returns (uint256) {
        ...
        return _deposit(_amountIn, _minOut, _deadline);
    }

If the protocol needs to halt deposits and withdrawals for any reason, the current implementation cannot apply this restriction to deposits from any L2 networks. As a result, deposits can still be made while the protocol is paused, eventually reaching the L1 side and undermining the effectiveness of the pause

Impact:

  • Severity: High. Since L2 deposits eventually flow into L1 and are part of the same pool, there might be cases where the protocol needs to pause all deposits. However, in the current implementation, this is not possible, which could lead to further issues if pausing becomes necessary.
  • Likelihood: Low. This problem only occurs if the system is paused. However, since the functionality is implemented, it is reasonable to assume the possibility of its occurrence.

Tools Used:

  • Manual analysis

Recommendation:

The protocol should add the pausing functionality to the depositETH and deposit functions in the xRenzoDeposit contract. This will ensure that the protocol can pause all deposits and withdrawals if necessary.

    /// @dev Only allows execution if contract is not paused
    modifier notPaused() {
        if (paused) revert ContractPaused();
        _;
    }
    
    ...
    
    function depositETH(uint256 _minOut, uint256 _deadline) external payable nonReentrant notPaused returns (uint256) {
        ...
        return _deposit(wrappedAmount, _minOut, _deadline);
    }
    
    ...
    
    function deposit(uint256 _amountIn, uint256 _minOut, uint256 _deadline) external nonReentrant notPaused returns (uint256) {
        ...
        return _deposit(_amountIn, _minOut, _deadline);
    }

Assessed type

Access Control
@c4-bot-9 c4-bot-9 added 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working labels Jun 6, 2024
c4-bot-4 added a commit that referenced this issue Jun 6, 2024
@c4-bot-4
0xCiphky issue #33
3a30aba
@jatinj615
Copy link

L2 deposits can be halted by removing the ability of xRenzoDeposit to mint xezETH instead.

@alcueca
Copy link

alcueca commented Jun 9, 2024

The mitigation by the sponsor is reasonable, although pausing might be more comfortable in the event of an incident. Valid QA.

@c4-judge
Copy link

c4-judge commented Jun 9, 2024

alcueca changed the severity to QA (Quality Assurance)

@c4-judge c4-judge added downgraded by judge Judge downgraded the risk level of this issue QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax and removed 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value labels Jun 9, 2024
@c4-judge
Copy link

c4-judge commented Jun 9, 2024

alcueca marked the issue as grade-a

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue edited-by-warden grade-a QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@jatinj615 @alcueca @c4-judge @code4rena-admin @c4-bot-9