Fix Issue 01

Summary: emergency_shutdown role is not enough for emergency shutdown. Issue Link: sherlock-audit/2023-08-cooler-judging#1 Fix Description: Refactor defund() into a permissioned external function and an unpermissioned _defund() internal function. emergencyShutdown() interacts with internal function instead of external function to avoid permissioning issue.
ohmzeus · Sep 5, 2023 · ad5b5b3 · ad5b5b3
1 parent c6f2bbe
commit ad5b5b3
Showing 1 changed file with 10 additions and 3 deletions.
diff --git a/src/Clearinghouse.sol b/src/Clearinghouse.sol
@@ -336,7 +336,14 @@ contract Clearinghouse is Policy, RolesConsumer, CoolerCallback {
     /// @notice Return funds to treasury.
     /// @param  token_ to transfer.
     /// @param  amount_ to transfer.
-    function defund(ERC20 token_, uint256 amount_) public onlyRole("cooler_overseer") {
+    function defund(ERC20 token_, uint256 amount_) external onlyRole("cooler_overseer") {
+        _defund(token_, amount_);
+    }
+
+    /// @notice Return funds to treasury.
+    /// @param  token_ to transfer.
+    /// @param  amount_ to transfer.
+    function _defund(ERC20 token_, uint256 amount_) internal {
         if (token_ == gOHM) revert OnlyBurnable();
         if (token_ == sdai || token_ == dai) {
             // Since users loans are denominated in DAI, the clearinghouse
@@ -362,11 +369,11 @@ contract Clearinghouse is Policy, RolesConsumer, CoolerCallback {
 
         // If necessary, defund sDAI.
         uint256 sdaiBalance = sdai.balanceOf(address(this));
-        if (sdaiBalance != 0) defund(sdai, sdaiBalance);
+        if (sdaiBalance != 0) _defund(sdai, sdaiBalance);
 
         // If necessary, defund DAI.
         uint256 daiBalance = dai.balanceOf(address(this));
-        if (daiBalance != 0) defund(dai, daiBalance);
+        if (daiBalance != 0) _defund(dai, daiBalance);
 
         emit Deactivated();
     }