
Report #12473

Report Date
October 16, 2022
Status
Closed
Payout

Reputation Risks With Contractowner

Report Info

Report ID

#12473

Target

Report type

Smart Contract

Impacts

Direct theft of any user funds, whether at-rest or in-motion, other than unclaimed yield

Has PoC?

Yes

Bug Description

DiamondCutFacet, WhitelistFacet, PauseFacet, FertilizerFacet

contractOwner has complete freedom to change any functionality and withdraw/rug all assets. Even if well intended, the project could still be called out, resulting in a damaged reputation, as in this example: https://twitter.com/RugDocIO/status/1411732108029181960

Impact

Recommend implementing extra safeguards such as:

Limiting the time period in which sensitive functions can be used.
Having a waiting period before a pushed update is executed.
Using a multisig to mitigate the single point of failure in case the contractOwner private key leaks.

Risk Breakdown

Difficulty to Exploit: Easy
Weakness:
CVSS2 Score:

Proof of concept

Recommend implementing extra safeguards such as:

Limiting the time period in which sensitive functions can be used.
Having a waiting period before a pushed update is executed.
Using a multisig to mitigate the single point of failure in case the contractOwner private key leaks.
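The three safeguards the report recommends (a waiting period before a queued privileged call can run, a bounded window in which it may run, and a multisig rather than a single key as the administrator) fit together in one small timelock contract that owns the privileged target. The following is an added illustration written for this page; it is not Beanstalk code and not the reporter's. The contract and function names (PrivilegedTimelock, Target, setImplementation), the 2-day delay and the 3-day grace window are assumptions chosen for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Hypothetical minimal timelock placed in front of privileged functions.
/// `admin` is meant to be a multisig address, never a single EOA.
/// Example code for this page, not Beanstalk's.
contract PrivilegedTimelock {
    uint256 public constant MIN_DELAY = 2 days;    // waiting period before a queued call may run
    uint256 public constant GRACE_PERIOD = 3 days; // window after MIN_DELAY in which it may run

    address public immutable admin;
    // operation id => earliest execution timestamp (0 means not queued)
    mapping(bytes32 => uint256) public readyAt;

    event Queued(bytes32 indexed id, address target, bytes data, uint256 readyAt);
    event Executed(bytes32 indexed id);
    event Cancelled(bytes32 indexed id);

    error NotAdmin();
    error AlreadyQueued();
    error NotQueued();
    error TooEarly(uint256 readyAt);
    error Expired(uint256 deadline);
    error CallFailed(bytes returnData);

    modifier onlyAdmin() {
        if (msg.sender != admin) revert NotAdmin();
        _;
    }

    constructor(address multisig) {
        admin = multisig;
    }

    /// The id commits to the exact target and calldata, so what executes is what was announced.
    function operationId(address target, bytes calldata data, bytes32 salt) public pure returns (bytes32) {
        return keccak256(abi.encode(target, data, salt));
    }

    /// Only the multisig can queue; the Queued event makes the pending change publicly visible.
    function queue(address target, bytes calldata data, bytes32 salt) external onlyAdmin returns (bytes32 id) {
        id = operationId(target, data, salt);
        if (readyAt[id] != 0) revert AlreadyQueued();
        readyAt[id] = block.timestamp + MIN_DELAY;
        emit Queued(id, target, data, readyAt[id]);
    }

    /// A queued change can be withdrawn during the waiting period.
    function cancel(address target, bytes calldata data, bytes32 salt) external onlyAdmin {
        bytes32 id = operationId(target, data, salt);
        if (readyAt[id] == 0) revert NotQueued();
        delete readyAt[id];
        emit Cancelled(id);
    }

    /// Anyone may execute once the delay has elapsed, but only inside
    /// [readyAt, readyAt + GRACE_PERIOD]: a queued-and-forgotten operation
    /// cannot be fired months later, which bounds when the sensitive path is usable.
    function execute(address target, bytes calldata data, bytes32 salt) external returns (bytes memory) {
        bytes32 id = operationId(target, data, salt);
        uint256 eta = readyAt[id];
        if (eta == 0) revert NotQueued();
        if (block.timestamp < eta) revert TooEarly(eta);
        if (block.timestamp > eta + GRACE_PERIOD) revert Expired(eta + GRACE_PERIOD);
        delete readyAt[id]; // clear before the external call so it cannot be replayed via reentrancy
        (bool ok, bytes memory ret) = target.call(data);
        if (!ok) revert CallFailed(ret);
        emit Executed(id);
        return ret;
    }
}

/// Hypothetical privileged target whose owner is the timelock, so every
/// change must be queued by the multisig, wait MIN_DELAY, and run in the grace window.
contract Target {
    address public immutable owner;
    address public implementation;

    constructor(address timelock) {
        owner = timelock;
    }

    function setImplementation(address impl) external {
        require(msg.sender == owner, "Target: not owner");
        implementation = impl;
    }
}
```

Usage: the multisig calls `queue(address(target), abi.encodeCall(Target.setImplementation, (newImpl)), salt)`; after two days, anyone holding the same three arguments can call `execute`, and after a further three days the operation expires and must be re-queued. A pause used for incident response may legitimately need to bypass the delay; if so, scope that exception to pausing only, since the delay exists so that every other change is visible before it takes effect.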

BIC Response

This is not a security bug report because it is incorrect that address 0x925753106fcdb6d2f30c3db295328a0a1c5fd1d1 is the contract owner; it is a 5-of-9 multisig called the Beanstalk Community Multisig. The powers of this multisig are well documented and approved by the Beanstalk DAO. Docs here: https://docs.bean.money/governance/beanstalk/bcm-process

Due to these reasons, we are closing the submission and no reward will be issued.