Upgraded Q -> 2 from #892 [1715425381801] #1310
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
duplicate-118
satisfactory
satisfies C4 submission criteria; eligible for awards
Judge has assessed an item in Issue #892 as 2 risk. The relevant finding follows:
[L-1] Griefing is possible on vault removal
In VaultManagerV2.sol line 101 Since anyone can deposit into a vault, someone can deny removal of a vault if will be able to frontrun removal transaction with a 1 wei deposit. However, this is rated as low at best, since this doesn’t look like efficient and impactful attack vector.
Remediation:
Either allow owner to pause deposits or implement minimum deposit to make attack more expensive.
The text was updated successfully, but these errors were encountered: