You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Mar 3, 2024. It is now read-only.
sherlock-admin opened this issue
Aug 29, 2023
· 0 comments
Labels
DuplicateA valid issue that is a duplicate of an issue with `Has Duplicates` labelMediumA valid Medium severity issueRewardA payout will be made for this issue
The removed vault cannot be added again because the addVault function will revert
Vulnerability Detail
The vulnerability stems from the fact that once a vault has been removed, attempts to re-add it using the addVault function fail and cause the function to revert. This behavior arises because the addVault function doesn't properly account for the scenario in which a vault has been removed previously
By looking at the removeVault() function, we can see that this function doesn't remove the vault from _vaultsByType. This means that the vault will still be present in that mapping. If you would like to re-add a vault that has already been removed, the addVault() function will revert due to this line of code:
59: if (!_vaultsByType[vaultType].add(vaultAddress)) revertVaultAlreadyExists(vaultAddress);
Impact
The impact of this vulnerability is that a previously removed vault cannot be re-added to the system. Any attempts to re-add it using the addVault function fail and cause the function to revert. This could result in a loss of functionality or disruption to the normal operation of the smart contract.
Also, the listVaultsForType function will return incorrect values, potentially leading to integration problems, as projects aiming to integrate with Tokemak may receive inaccurate information
sherlock-admin2
changed the title
Square Grape Griffin - Removed vault cannot be added again
Phantasmagoria - Removed vault cannot be added again
Oct 3, 2023
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
DuplicateA valid issue that is a duplicate of an issue with `Has Duplicates` labelMediumA valid Medium severity issueRewardA payout will be made for this issue
Phantasmagoria
medium
Removed vault cannot be added again
Summary
The removed vault cannot be added again because the addVault function will revert
Vulnerability Detail
The vulnerability stems from the fact that once a vault has been removed, attempts to re-add it using the addVault function fail and cause the function to revert. This behavior arises because the addVault function doesn't properly account for the scenario in which a vault has been removed previously
By looking at the removeVault() function, we can see that this function doesn't remove the vault from _vaultsByType. This means that the vault will still be present in that mapping. If you would like to re-add a vault that has already been removed, the addVault() function will revert due to this line of code:
Impact
The impact of this vulnerability is that a previously removed vault cannot be re-added to the system. Any attempts to re-add it using the addVault function fail and cause the function to revert. This could result in a loss of functionality or disruption to the normal operation of the smart contract.
Also, the listVaultsForType function will return incorrect values, potentially leading to integration problems, as projects aiming to integrate with Tokemak may receive inaccurate information
Code Snippet
https://github.com/Tokemak/v2-core-audit-2023-07-14/blob/62445b8ee3365611534c96aef189642b721693bf/src/vault/LMPVaultRegistry.sol#L59
https://github.com/Tokemak/v2-core-audit-2023-07-14/blob/62445b8ee3365611534c96aef189642b721693bf/src/vault/LMPVaultRegistry.sol#L64
https://github.com/Tokemak/v2-core-audit-2023-07-14/blob/62445b8ee3365611534c96aef189642b721693bf/src/vault/LMPVaultRegistry.sol#L102
Tool used
Manual Review
Recommendation
Add the following line of code to the removeVault function:
Duplicate of #674
The text was updated successfully, but these errors were encountered: