Platform: Code4rena
Start Date: 27/04/2023
Pot Size: $90,500 USDC
Total HM: 4
Participants: 43
Period: 7 days
Judge: GalloDaSballo
Id: 233
League: ETH
Rank: 42/43
Findings: 1
Award: $71.60
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: volodya
Also found by: 0xWaitress, 0xnev, ABA, Aymen0909, Cyfrin, QiuhaoLi, RaymondFam, btk, bughunter007, ihtishamsudo, juancito, libratus, niser93, sashik_eth
71.6048 USDC - $71.60
L-01 _completeQueuedWithdrawal should not assume operator has to delegate to itself
Operator must not be frozen in order to complete a withdrawal. This is enforced here using onlyNotFrozen(queuedWithdrawal.delegatedAddress).
This check assumes that an operator always delegates to himself. This is currently indeed the case in DelegationManager, however, since the contract is out of scope, this behavior may change. For additional safety consider adding onlyNotFrozen(queuedWithdrawal.depositor).
L-02 Owner can renounce ownership
Openzeppelin's Ownable has a function to renounce ownership. Consider overriding this function to disallow renouncing in StrategyManager and EigenPodManager
NC-01 Use Ownable2Step instead of Ownable Ownable2Step is a safer alternative of Ownable that can prevent mistakes when transfering ownership.
NC-02 Block time change
MAX_WITHDRAWAL_DELAY_BLOCKS is a constant and is set based on 12-second block time. The protocol is trying to be future-proof and even handles the case with chain id changing.
//if chainid has changed, we must re-compute the domain separator if (block.chainid != ORIGINAL_CHAIN_ID) {
For consistency it also makes sense to consider a possible block time change and make MAX_WITHDRAWAL_DELAY_BLOCKS modifiable by the admin.
NC-02 Missing code coverage Tests don't cover certain important code paths like:
#0 - GalloDaSballo
2023-06-02T09:25:14Z
1L for l1, res is OOS / off
#1 - c4-judge
2023-06-02T09:38:50Z
GalloDaSballo marked the issue as grade-b