Stader Labs - JGcarv's results

Decentralized ETH liquid staking protocol with 4 ETH bond for anyone to be a node operator.

General Information

Platform: Code4rena

Start Date: 02/06/2023

Pot Size: $100,000 USDC

Total HM: 15

Participants: 75

Period: 7 days

Judge: Picodes

Total Solo HM: 5

Id: 249

League: ETH

Stader Labs

Researcher Performance

Rank: 5/75

Findings: 2

Award: $6,138.27

🌟 Selected for report: 1

🚀 Solo Findings: 1

Findings Information

🌟 Selected for report: JGcarv

Labels

bug
2 (Med Risk)
downgraded by judge
satisfactory
selected for report
sponsor confirmed
M-03

Awards

6119.6969 USDC - $6,119.70

External Links

Lines of code

https://github.com/code-423n4/2023-06-stader/blob/main/contracts/PermissionlessNodeRegistry.sol#L183
https://github.com/code-423n4/2023-06-stader/blob/main/contracts/PermissionedNodeRegistry.sol#L254

Vulnerability details

Impact

The OPERATOR role holds a lot of power within the system, which can compromise both the system's integrity and its permissionless nature.

Proof of Concept

The OPERATOR key is responsible for marking each validator key submitted by a node operator as either valid or invalid, and node operators have no assurance about how or when that decision is made.

  1. Arbitrary denial of participation makes the permissionless pool permissioned. The documentation states:

Any validator in permissionless pool can run a node with 4 ETH + 0.4 ETH worth of SD token.

This is not strictly true, since every participant in the system must be vetted by the OPERATOR, who can arbitrarily mark a key as invalid or front-run without having to provide any justification, and with no appeal process. Alternatively, the OPERATOR can simply ignore the added key and never mark it as ready to deposit.

Therefore the pool cannot be considered permissionless, since participants must rely on the benevolence of the OPERATOR in order to participate.

  2. Authorization of invalid keys. There is no way for the smart contract system to check or confirm that a given public key is genuinely valid and able to generate income for ETHx holders, so the system relies solely on the OPERATOR to make that distinction, leaving the system vulnerable if that wallet is compromised.

Tools Used

Manual Review

Recommended Mitigation Steps

There is no simple fix for the issue, but at a minimum, the protocol should not be advertised as permissionless.
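Added illustration, not Stader's code (the project's actual functions are at the two linked lines above, which this example does not reproduce): a minimal registry with the single-OPERATOR pattern the finding describes, beside a hardened variant in the direction the sponsor mentioned (moving the decision to an oracle quorum) with a bounded decision window. All contract, function and variable names, the 2-of-N quorum and the 7-day window are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Illustrative contracts only; names and parameters are hypothetical.

contract SingleOperatorRegistry {
    enum Status { NONE, INITIALIZED, READY, INVALID }

    address public immutable OPERATOR;
    mapping(bytes32 => Status) public status;      // keccak256(pubkey) => status
    mapping(bytes32 => uint256) public submittedAt;

    constructor(address operator) { OPERATOR = operator; }

    // Anyone posting the bond can submit a key...
    function submitKey(bytes calldata pubkey) external payable {
        require(msg.value == 4 ether, "bond");
        bytes32 id = keccak256(pubkey);
        require(status[id] == Status.NONE, "dup");
        status[id] = Status.INITIALIZED;
        submittedAt[id] = block.timestamp;
    }

    // ...but only OPERATOR can move it to READY or INVALID, with no deadline
    // and no justification. Never calling this stalls the key (and bond)
    // forever, and a compromised OPERATOR key can mark bogus keys READY.
    function markKey(bytes32 id, bool valid) external {
        require(msg.sender == OPERATOR, "not operator");
        require(status[id] == Status.INITIALIZED, "state");
        status[id] = valid ? Status.READY : Status.INVALID;
    }
}

// Hardened variant: the decision is taken by a quorum of independent oracle
// nodes rather than one key, and if no decision arrives within the window the
// submitter can reclaim the bond, so silence cannot hold funds indefinitely.
contract QuorumRegistry {
    enum Status { NONE, INITIALIZED, READY, INVALID, REFUNDED }

    uint256 public constant QUORUM = 2;              // assumption: 2-of-N oracles
    uint256 public constant DECISION_WINDOW = 7 days; // assumption

    mapping(address => bool) public isOracle;
    mapping(bytes32 => Status) public status;
    mapping(bytes32 => address) public submitter;
    mapping(bytes32 => uint256) public submittedAt;
    mapping(bytes32 => uint256) public validVotes;
    mapping(bytes32 => uint256) public invalidVotes;
    mapping(bytes32 => mapping(address => bool)) public voted;

    constructor(address[] memory oracles) {
        for (uint256 i = 0; i < oracles.length; i++) isOracle[oracles[i]] = true;
    }

    function submitKey(bytes calldata pubkey) external payable {
        require(msg.value == 4 ether, "bond");
        bytes32 id = keccak256(pubkey);
        require(status[id] == Status.NONE, "dup");
        status[id] = Status.INITIALIZED;
        submitter[id] = msg.sender;
        submittedAt[id] = block.timestamp;
    }

    // Each oracle votes once per key; state changes only when QUORUM agree,
    // so a single compromised oracle can neither admit nor reject a key.
    function vote(bytes32 id, bool valid) external {
        require(isOracle[msg.sender], "not oracle");
        require(status[id] == Status.INITIALIZED, "state");
        require(!voted[id][msg.sender], "voted");
        voted[id][msg.sender] = true;
        if (valid) {
            if (++validVotes[id] >= QUORUM) status[id] = Status.READY;
        } else {
            if (++invalidVotes[id] >= QUORUM) status[id] = Status.INVALID;
        }
    }

    // No quorum decision within the window: the submitter exits with the bond
    // instead of depending on the operator's benevolence.
    function reclaimBond(bytes32 id) external {
        require(status[id] == Status.INITIALIZED, "state");
        require(msg.sender == submitter[id], "not submitter");
        require(block.timestamp > submittedAt[id] + DECISION_WINDOW, "window");
        status[id] = Status.REFUNDED;
        (bool ok, ) = msg.sender.call{value: 4 ether}("");
        require(ok, "refund");
    }
}
```

The quorum variant distributes trust rather than removing it: a colluding majority of oracles can still deny or admit keys, and the refund path only bounds the cost of being ignored, it does not let the submitter become a validator. That is why the finding's conclusion stands that a pool gated this way should not be described as permissionless without qualification.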

Assessed type

Rug-Pull

#0 - c4-judge

2023-06-14T19:17:23Z

Picodes changed the severity to 2 (Med Risk)

#1 - manoj9april

2023-06-20T08:18:29Z

Thank you for pointing it out. We will move this logic to oracle.

#2 - c4-sponsor

2023-06-20T08:18:36Z

manoj9april marked the issue as sponsor confirmed

#3 - Picodes

2023-07-02T10:03:14Z

Keeping Med severity considering this could be an instance of "function of the protocol or its availability could be impacted"

#4 - c4-judge

2023-07-02T10:05:13Z

Picodes marked the issue as satisfactory

#5 - sanjay-staderlabs

2023-07-13T04:17:50Z

This is fixed
