BIR-7: Verify Whitelisted Pool for Converts

Proposed: November 22, 2023

Status: Passed

Link: Snapshot


Proposer

Beanstalk Immunefi Committee

Summary

Bug

Since Replant and prior to this EBIP, Converts did not validate that the pool being Converted in is whitelisted, which would have allowed an attacker to Convert all Beans in the the Beanstalk contract into their own Bean Deposits (which could then be Withdrawn and sold).

Fix

Add require statements in LibWellConvert that verify that the Well being Converted in is whitelisted.

This was fixed in EBIP-13.

Determination

The BIC determined that the funds at risk were all of the Beans in the Beanstalk contract (~22.8M at the time of the report) given that an attacker could have Converted all of these Beans into their own Bean Deposits (which could then be Withdrawn and sold).

Given this, the BIC has determined that this report qualifies for the max reward on Immunefi of 1.1M Beans.

Beans Minted

The init function on the following InitMint contract is called:

We propose 1,100,000 Beans are minted to the following address in order to pay the bounty to the whitehat:

We propose 110,000 Beans are minted to the following address in order to pay the 10% fee to Immunefi: