Proposed: February 5, 2024
Status: Passed
Link: Snapshot
Note: This is a reproposal of BIR-10, where the BIC informally agreed on the bounty amount but the Snapshot vote was not able to get 4 signatures before end of the Voting Period.
Beanstalk Immunefi Committee
By calling transferDeposit
with an amount
of 0
, anyone is able to steal 1 root
(an internal accounting variable used to track Stalk ownership) at a time from any other user for the cost of gas.
Add a require
statement that checks that the amount
in transferDeposit
is greater than 0.
Given the low impact and likelihood of this issue being exploited (it is unprofitable to execute), the BCM determined that an EBIP is not necessary. The goal is to include this fix in an upcoming BIP.
The BIC determined that the impact of this issue is low given that roots
cannot be redeemed for any underlying value and the costs of any form of an "attack" would not be profitable by a significant margin. Thus, the most applicable impact in scope is griefing and any "attack" related to this bug report would have an extremely low likelihood.
For these reasons, the BIC has determined that this bug report be rewarded 1,000 Beans.
The init
function on the following InitMint
contract is called:
We propose 1,000 Beans are minted to the following address in order to pay the bounty to the whitehat:
We propose 100 Beans are minted to the following address in order to pay the 10% fee to Immunefi: