Platform: Code4rena
Start Date: 27/10/2022
Pot Size: $33,500 USDC
Total HM: 8
Participants: 96
Period: 3 days
Judge: kirk-baird
Total Solo HM: 1
Id: 176
League: ETH
Rank: 21/96
Findings: 1
Award: $247.53
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: rbserver
Also found by: 0x1f8b, 0xSmartContract, Trust, cccz, codexploder, ctf_sec, hansfriese
247.5252 USDC - $247.53
https://github.com/code-423n4/2022-10-paladin/blob/main/contracts/WardenPledge.sol#L456 https://github.com/code-423n4/2022-10-paladin/blob/main/contracts/WardenPledge.sol#L488
Owner can pause the contract at any time. It seems once contract is paused, Users are not even allowed to close or retrievePledgeRewards which means their funds are stuck until owner decides to unpause the contract.
function pause() external onlyOwner { _pause(); }
function closePledge(uint256 pledgeId, address receiver) external whenNotPaused nonReentrant { ... } function retrievePledgeRewards(uint256 pledgeId, address receiver) external whenNotPaused nonReentrant { ... }
Remove the whenNotPaused modifier from both closePledge and retrievePledgeRewards function
#0 - Kogaroshi
2022-10-30T23:24:21Z
Duplicate of #70
#1 - c4-judge
2022-11-11T08:09:49Z
kirk-baird marked the issue as satisfactory
#2 - c4-judge
2022-11-11T08:09:53Z
kirk-baird marked the issue as not a duplicate
#3 - c4-judge
2022-11-11T08:10:01Z
kirk-baird marked the issue as duplicate of #70
#4 - c4-judge
2022-12-06T17:36:20Z
Simon-Busch marked the issue as duplicate of #269