Pause check missing on the several functions (PoolTemplate) #339
Labels
1 (Low Risk)
Assets are not at risk. State handling, function incorrect as to spec, issues with comments
bug
Something isn't working
sponsor acknowledged
Technically the issue is correct, but we're not going to resolve it for XYZ reasons
Handle
defsec
Vulnerability details
Impact
On the deposit and other functions, some of the functions are checked when the contract is paused. However, other functions like unlock or transferinsturance does not have any pause protection.
Proof of Concept
https://github.com/code-423n4/2022-01-insure/blob/19d1a7819fe7ce795e6d4814e7ddf8b8e1323df3/contracts/PoolTemplate.sol#L260
Tools Used
None
Recommended Mitigation Steps
Review all the function behaviours and put extra pause check.
The text was updated successfully, but these errors were encountered: