Skip to content
This repository has been archived by the owner on Mar 3, 2024. It is now read-only.

Phantasmagoria - Removed vault cannot be added again #356

Closed
sherlock-admin opened this issue Aug 29, 2023 · 0 comments
Closed

Phantasmagoria - Removed vault cannot be added again #356

sherlock-admin opened this issue Aug 29, 2023 · 0 comments
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A valid Medium severity issue Reward A payout will be made for this issue

Comments

@sherlock-admin
Copy link
Contributor

sherlock-admin commented Aug 29, 2023
edited by sherlock-admin2
Loading

Phantasmagoria

medium

Removed vault cannot be added again

Summary

The removed vault cannot be added again because the addVault function will revert

Vulnerability Detail

The vulnerability stems from the fact that once a vault has been removed, attempts to re-add it using the addVault function fail and cause the function to revert. This behavior arises because the addVault function doesn't properly account for the scenario in which a vault has been removed previously

By looking at the removeVault() function, we can see that this function doesn't remove the vault from _vaultsByType. This means that the vault will still be present in that mapping. If you would like to re-add a vault that has already been removed, the addVault() function will revert due to this line of code:

59:     if (!_vaultsByType[vaultType].add(vaultAddress)) revert VaultAlreadyExists(vaultAddress);

Impact

The impact of this vulnerability is that a previously removed vault cannot be re-added to the system. Any attempts to re-add it using the addVault function fail and cause the function to revert. This could result in a loss of functionality or disruption to the normal operation of the smart contract.

Also, the listVaultsForType function will return incorrect values, potentially leading to integration problems, as projects aiming to integrate with Tokemak may receive inaccurate information

Code Snippet

https://github.com/Tokemak/v2-core-audit-2023-07-14/blob/62445b8ee3365611534c96aef189642b721693bf/src/vault/LMPVaultRegistry.sol#L59
https://github.com/Tokemak/v2-core-audit-2023-07-14/blob/62445b8ee3365611534c96aef189642b721693bf/src/vault/LMPVaultRegistry.sol#L64
https://github.com/Tokemak/v2-core-audit-2023-07-14/blob/62445b8ee3365611534c96aef189642b721693bf/src/vault/LMPVaultRegistry.sol#L102

Tool used

Manual Review

Recommendation

Add the following line of code to the removeVault function:

if (!_vaultsByType[asset].remove(vaultAddress)) revert VaultNotFound(vaultAddress);

Duplicate of #674
@github-actions github-actions bot added Medium A valid Medium severity issue Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label labels Sep 11, 2023
@sherlock-admin2 sherlock-admin2 changed the title Square Grape Griffin - Removed vault cannot be added again Phantasmagoria - Removed vault cannot be added again Oct 3, 2023
@sherlock-admin2 sherlock-admin2 added the Reward A payout will be made for this issue label Oct 3, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A valid Medium severity issue Reward A payout will be made for this issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sherlock-admin @sherlock-admin2