Protocol fees from execution layer rewards will be lost #497
Labels
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-498
grade-a
Q-33
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
🤖_230_group
AI based duplicate group recommendation
sufficient quality report
This report is of sufficient quality
Comments
howlbot-integration
bot
added
2 (Med Risk)
|
CloudEllie marked the issue as duplicate of #498 |
c4-judge
added
downgraded by judge
|
alcueca changed the severity to QA (Quality Assurance) |
|
alcueca marked the issue as grade-a |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Lines of code
https://github.com/code-423n4/2024-04-renzo/blob/1c7cc4e632564349b204b4b5e5f494c9b0bc631d/contracts/Deposits/DepositQueue.sol#L160
Vulnerability details
Vulnerability Detail
The
DepositQueuecontract states the following regarding thereceive()function:/// This should receive ETH from scenarios like Execution Layer Rewards and MEV from native stakingHowever, Execution layer rewards are sent by directly increasing the contract's balance without calling the
receive()function.This means that when rewards are accrued the following logic within the
receive()function will not execute:totalEarned[address(0x0)]Impact
The protocol does not receive fees from execution layer rewards, which is a major disruption to protocol functionality. Also, the WithdrawalQueue is not prioritised leading to a potential state of inability to withdraw.
Proof of Concept
receive() function
https://github.com/code-423n4/2024-04-renzo/blob/1c7cc4e632564349b204b4b5e5f494c9b0bc631d/contracts/Deposits/DepositQueue.sol#L160
Tools Used
Manual Review
Recommended Mitigation
Ensure that rewards are sent to a different contract, not DepositQueue as it is stated in the comments.
Assessed type
Error
The text was updated successfully, but these errors were encountered: