Platform: Code4rena
Start Date: 02/06/2023
Pot Size: $100,000 USDC
Total HM: 15
Participants: 75
Period: 7 days
Judge: Picodes
Total Solo HM: 5
Id: 249
League: ETH
Rank: 34/75
Findings: 1
Award: $102.27
🌟 Selected for report: 0
🚀 Solo Findings: 0
102.2712 USDC - $102.27
https://github.com/code-423n4/2023-06-stader/blob/main/contracts/Auction.sol#L14 https://github.com/code-423n4/2023-06-stader/blob/main/contracts/OperatorRewardsCollector.sol#L12 https://github.com/code-423n4/2023-06-stader/blob/main/contracts/SocializingPool.sol#L17 https://github.com/code-423n4/2023-06-stader/blob/main/contracts/StaderOracle.sol#L17
The pause() and unpause() methods are actually internal, so if your contract does not expose them externally you have no way of using pausability. In contrast in ETHx, PermissionedNodeRegistry, StaderStakePoolsManager and UserWithdrawalManager for example the pattern implementation is totally correct.
There aren't externally exposed pause and unpause methods, so it's impossible to use this functionality as expected.
Manual Review
The pause() and unpause() methods should be exposed in the code of the contract which inhertits PausableUpgradeable. Add these external methods with the proper access control in Auction.sol, OperatorRewardsCollector.sol, SocializingPool.sol and StaderOracle.sol.
Library
#0 - c4-judge
2023-06-14T18:51:15Z
Picodes marked the issue as duplicate of #383
#1 - c4-judge
2023-07-02T09:44:14Z
Picodes marked the issue as satisfactory