You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
DuplicateA valid issue that is a duplicate of an issue with `Has Duplicates` labelMediumA Medium severity issue.RewardA payout will be made for this issue
SuperPool::togglePause is not pausing or unpausing the contract's state
Summary
SuperPool contract has a function togglePause which should allow the Owner to pause the contract state when something malicious happens and Unpause them Whenever intended. But in the current case of the contract, Not even a single function can be paused or have the effects of pausing and Unpausing.
Vulnerability Detail
SuperPool contract functions cannot be paused even though Owner tries to pause the contract by calling togglePause Because None of the functions of SuperPoolimplements whenNotPaused modifier which is responsible of checking whether the contract is paused or not.
As the whenNotPaused modifier is not implemented in any of the functions of SuperPool the contract's state/functions cannot be paused/unpaused and the function togglePause will have no impact on contract's state/functions.
Because of Which SuperPool contract's state Cannot be Paused with the function togglePause which should be its functionality as mentioned in the comment of togglePause function.
Impact
SuperPool contract's state or functions cannot be paused in any necessary situations.
sherlock-admin4
changed the title
Fancy Iron Kookaburra - SuperPool::togglePause is not pausing or unpausing the contract's state
0xMax1mus - SuperPool::togglePause is not pausing or unpausing the contract's state
Sep 15, 2024
DuplicateA valid issue that is a duplicate of an issue with `Has Duplicates` labelMediumA Medium severity issue.RewardA payout will be made for this issue
0xMax1mus
High
SuperPool::togglePause is not pausing or unpausing the contract's state
Summary
SuperPool
contract has a functiontogglePause
which should allow the Owner to pause the contract state when something malicious happens and Unpause them Whenever intended. But in the current case of the contract, Not even a single function can be paused or have the effects of pausing and Unpausing.Vulnerability Detail
SuperPool
contract functions cannot be paused even though Owner tries to pause the contract by callingtogglePause
Because None of the functions ofSuperPool
implementswhenNotPaused
modifier which is responsible of checking whether the contract is paused or not.As the
whenNotPaused
modifier is not implemented in any of the functions ofSuperPool
the contract's state/functions cannot be paused/unpaused and the functiontogglePause
will have no impact on contract's state/functions.Because of Which
SuperPool
contract's state Cannot be Paused with the functiontogglePause
which should be its functionality as mentioned in the comment oftogglePause
function.Impact
SuperPool
contract's state or functions cannot be paused in any necessary situations.Code Snippet
https://github.com/sherlock-audit/2024-08-sentiment-v2/blob/main/protocol-v2/src/SuperPool.sol#L163C5-L167C6
https://github.com/sherlock-audit/2024-08-sentiment-v2/blob/main/protocol-v2/src/SuperPool.sol#L258C5-L263C6
https://github.com/sherlock-audit/2024-08-sentiment-v2/blob/main/protocol-v2/src/SuperPool.sol#L281C5-L286C6
Tool used
Manual Review
Recommendation
Implement the modifier
whenNotPaused
to every function.Duplicate of #270
The text was updated successfully, but these errors were encountered: