Skip to content

[VAULTS] Audit fixes 4 #1491

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 53 commits into from
Oct 8, 2025
Merged

[VAULTS] Audit fixes 4 #1491

merged 53 commits into from
Oct 8, 2025

Conversation

@tamtamchik
Copy link
Member

@tamtamchik tamtamchik commented Oct 1, 2025
edited by folkyatina
Loading

Whats fixed:

VaultHub:

  • better pause state in VaultHub
  • add obligationShortfallValue view
  • vault can be connected only by its owner
  • proper settling Lido fees on disconnect
    Lido:
  • better staking limit for external shares
  • make pause/resumeStaking in Lido revert if it's already paused/resumed
    NodeOperatorFee:
  • fix overflow-based DoS from NO side

tamtamchik and others added 19 commits September 26, 2025 17:21
@tamtamchik
fix: update pause on connect to fix #1477
4f45951
@tamtamchik
fix: apply resume to manual pause fix #1475
1ddf60c
@tamtamchik
feat: obligationsShortfallValue
7f9111f
@tamtamchik
chore: add new event
632baa2
@tamtamchik
chore: naming
b93776a
@tamtamchik
feat: draft for stakeLimit update
5c921dd
@folkyatina
fix(VaultHub): limit connectVault to the owner of the vault
3a38c5d
@folkyatina
chore: introduce a constant for 31 ether
a20b080
@folkyatina
fix: add a SafeCast on internalization
3309c0c
@dry914
feat: add vaultInfo function to lazyOracle
c3c83a0
@tamtamchik
feat: add tests and fix the code
8f48435
@tamtamchik
test(stakingLimit): add unit and fuzzing tests
ca9d5e1
@tamtamchik
chore: naming and simplify
5f988b1
@tamtamchik
chore: fix comments
97cbdb0
@dry914
fix: remove redundant errror
b921ad5
@dry914
chore: rename vaultInfo func
cc7ef3d
@tamtamchik
Merge pull request #1490 from lidofinance/feat/view-vault-info
3d55079
@tamtamchik
Merge pull request #1488 from lidofinance/feat/fix-staking-limit
8cf2746
@tamtamchik
chore: fixes after review
cb5a960
@tamtamchik tamtamchik requested a review from a team as a code owner October 1, 2025 09:24
@tamtamchik tamtamchik changed the title [VAULTS] Audit fixes 3 [VAULTS] Audit fixes 4 Oct 1, 2025
github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 1, 2025
View reviewed changes
@github-actions
Copy link

github-actions bot commented Oct 1, 2025
edited
Loading

badge

Hardhat Unit Tests Coverage Summary

Filename                                                                Stmts    Miss  Cover    Missing
--------------------------------------------------------------------  -------  ------  -------  -----------------------------------------------------------------------------------------------------
contracts/0.4.24/Lido.sol                                                 280      11  96.07%   811-830, 926-938
contracts/0.4.24/StETH.sol                                                 80       0  100.00%
contracts/0.4.24/StETHPermit.sol                                           15       0  100.00%
contracts/0.4.24/lib/Packed64x4.sol                                         5       0  100.00%
contracts/0.4.24/lib/SigningKeys.sol                                       36       0  100.00%
contracts/0.4.24/lib/StakeLimitUtils.sol                                   41       0  100.00%
contracts/0.4.24/nos/NodeOperatorsRegistry.sol                            436       0  100.00%
contracts/0.4.24/utils/Pausable.sol                                         9       0  100.00%
contracts/0.4.24/utils/UnstructuredStorageExt.sol                          14       0  100.00%
contracts/0.4.24/utils/Versioned.sol                                        5       0  100.00%
contracts/0.6.12/WstETH.sol                                                17       0  100.00%
contracts/0.8.25/ValidatorExitDelayVerifier.sol                            75       0  100.00%
contracts/0.8.25/utils/AccessControlConfirmable.sol                         2       0  100.00%
contracts/0.8.25/utils/Confirmable2Addresses.sol                            5       0  100.00%
contracts/0.8.25/utils/Confirmations.sol                                   37       0  100.00%
contracts/0.8.25/utils/PausableUntilWithRoles.sol                           3       0  100.00%
contracts/0.8.25/utils/V3TemporaryAdmin.sol                                52      52  0.00%    83-217
contracts/0.8.25/vaults/LazyOracle.sol                                    120      13  89.17%   221, 270-273, 399, 411, 427, 474, 514-516, 591, 599
contracts/0.8.25/vaults/OperatorGrid.sol                                  189       0  100.00%
contracts/0.8.25/vaults/PinnedBeaconProxy.sol                               6       0  100.00%
contracts/0.8.25/vaults/StakingVault.sol                                  111      14  87.39%   307-341
contracts/0.8.25/vaults/ValidatorConsolidationRequests.sol                 48       3  93.75%   183, 187, 199
contracts/0.8.25/vaults/VaultFactory.sol                                   35       0  100.00%
contracts/0.8.25/vaults/VaultHub.sol                                      416      79  81.01%   250-259, 274-280, 335-356, 373, 458, 536-537, 579-672, 975-977, 1065-1069, 1125, 1180-1187, 1473-1491
contracts/0.8.25/vaults/dashboard/Dashboard.sol                           120       7  94.17%   177-195, 587-600
contracts/0.8.25/vaults/dashboard/NodeOperatorFee.sol                      65       0  100.00%
contracts/0.8.25/vaults/dashboard/Permissions.sol                          48       2  95.83%   339-348
contracts/0.8.25/vaults/interfaces/IPinnedBeaconProxy.sol                   0       0  100.00%
contracts/0.8.25/vaults/interfaces/IPredepositGuarantee.sol                 0       0  100.00%
contracts/0.8.25/vaults/interfaces/IStakingVault.sol                        0       0  100.00%
contracts/0.8.25/vaults/interfaces/IVaultFactory.sol                        0       0  100.00%
contracts/0.8.25/vaults/lib/PinnedBeaconUtils.sol                           5       0  100.00%
contracts/0.8.25/vaults/lib/RecoverTokens.sol                               5       0  100.00%
contracts/0.8.25/vaults/lib/RefSlotCache.sol                               36       0  100.00%
contracts/0.8.25/vaults/predeposit_guarantee/CLProofVerifier.sol           16       1  93.75%   214
contracts/0.8.25/vaults/predeposit_guarantee/MeIfNobodyElse.sol             3       0  100.00%
contracts/0.8.25/vaults/predeposit_guarantee/PredepositGuarantee.sol      212      12  94.34%   482-502, 531, 668, 675, 697
contracts/0.8.9/Accounting.sol                                             93       2  97.85%   342-343
contracts/0.8.9/BeaconChainDepositor.sol                                   21       2  90.48%   48, 51
contracts/0.8.9/Burner.sol                                                 92       0  100.00%
contracts/0.8.9/DepositSecurityModule.sol                                 128       0  100.00%
contracts/0.8.9/EIP712StETH.sol                                            16       0  100.00%
contracts/0.8.9/LidoExecutionLayerRewardsVault.sol                         16       0  100.00%
contracts/0.8.9/LidoLocator.sol                                            26       0  100.00%
contracts/0.8.9/OracleDaemonConfig.sol                                     28       0  100.00%
contracts/0.8.9/StakingRouter.sol                                         305       0  100.00%
contracts/0.8.9/TriggerableWithdrawalsGateway.sol                          54       1  98.15%   271
contracts/0.8.9/WithdrawalQueue.sol                                        88       0  100.00%
contracts/0.8.9/WithdrawalQueueBase.sol                                   146       0  100.00%
contracts/0.8.9/WithdrawalQueueERC721.sol                                  89       0  100.00%
contracts/0.8.9/WithdrawalVault.sol                                        32       0  100.00%
contracts/0.8.9/WithdrawalVaultEIP7002.sol                                 21       0  100.00%
contracts/0.8.9/lib/ExitLimitUtils.sol                                     35       0  100.00%
contracts/0.8.9/lib/Math.sol                                                4       0  100.00%
contracts/0.8.9/lib/PositiveTokenRebaseLimiter.sol                         22       0  100.00%
contracts/0.8.9/lib/UnstructuredRefStorage.sol                              2       0  100.00%
contracts/0.8.9/oracle/AccountingOracle.sol                               174       0  100.00%
contracts/0.8.9/oracle/BaseOracle.sol                                      89       1  98.88%   401
contracts/0.8.9/oracle/HashConsensus.sol                                  263       1  99.62%   1005
contracts/0.8.9/oracle/ValidatorsExitBus.sol                              138      10  92.75%   458-471, 541
contracts/0.8.9/oracle/ValidatorsExitBusOracle.sol                         52       1  98.08%   217
contracts/0.8.9/proxy/OssifiableProxy.sol                                  17       0  100.00%
contracts/0.8.9/proxy/WithdrawalsManagerProxy.sol                          60       0  100.00%
contracts/0.8.9/sanity_checks/OracleReportSanityChecker.sol               232      12  94.83%   307-309, 600-605, 800-835, 956
contracts/0.8.9/utils/DummyEmptyContract.sol                                0       0  100.00%
contracts/0.8.9/utils/PausableUntil.sol                                    31       0  100.00%
contracts/0.8.9/utils/Versioned.sol                                        11       0  100.00%
contracts/0.8.9/utils/access/AccessControl.sol                             23       0  100.00%
contracts/0.8.9/utils/access/AccessControlEnumerable.sol                    9       0  100.00%
contracts/common/utils/PausableUntil.sol                                   29       0  100.00%
TOTAL                                                                    4893     224  95.42%

Diff against master

Filename                                                                Stmts    Miss  Cover
--------------------------------------------------------------------  -------  ------  --------
contracts/0.4.24/Lido.sol                                                 +68     +11  -3.93%
contracts/0.4.24/StETH.sol                                                 +8       0  +100.00%
contracts/0.4.24/lib/StakeLimitUtils.sol                                   +4       0  +100.00%
contracts/0.4.24/nos/NodeOperatorsRegistry.sol                            -76       0  +100.00%
contracts/0.4.24/utils/UnstructuredStorageExt.sol                         +14       0  +100.00%
contracts/0.8.25/ValidatorExitDelayVerifier.sol                           +75       0  +100.00%
contracts/0.8.25/utils/AccessControlConfirmable.sol                        +2       0  +100.00%
contracts/0.8.25/utils/Confirmable2Addresses.sol                           +5       0  +100.00%
contracts/0.8.25/utils/Confirmations.sol                                  +37       0  +100.00%
contracts/0.8.25/utils/PausableUntilWithRoles.sol                          +3       0  +100.00%
contracts/0.8.25/utils/V3TemporaryAdmin.sol                               +52     +52  +100.00%
contracts/0.8.25/vaults/LazyOracle.sol                                   +120     +13  +89.17%
contracts/0.8.25/vaults/OperatorGrid.sol                                 +189       0  +100.00%
contracts/0.8.25/vaults/PinnedBeaconProxy.sol                              +6       0  +100.00%
contracts/0.8.25/vaults/StakingVault.sol                                 +111     +14  +87.39%
contracts/0.8.25/vaults/ValidatorConsolidationRequests.sol                +48      +3  +93.75%
contracts/0.8.25/vaults/VaultFactory.sol                                  +35       0  +100.00%
contracts/0.8.25/vaults/VaultHub.sol                                     +416     +79  +81.01%
contracts/0.8.25/vaults/dashboard/Dashboard.sol                          +120      +7  +94.17%
contracts/0.8.25/vaults/dashboard/NodeOperatorFee.sol                     +65       0  +100.00%
contracts/0.8.25/vaults/dashboard/Permissions.sol                         +48      +2  +95.83%
contracts/0.8.25/vaults/interfaces/IPinnedBeaconProxy.sol                   0       0  +100.00%
contracts/0.8.25/vaults/interfaces/IPredepositGuarantee.sol                 0       0  +100.00%
contracts/0.8.25/vaults/interfaces/IStakingVault.sol                        0       0  +100.00%
contracts/0.8.25/vaults/interfaces/IVaultFactory.sol                        0       0  +100.00%
contracts/0.8.25/vaults/lib/PinnedBeaconUtils.sol                          +5       0  +100.00%
contracts/0.8.25/vaults/lib/RecoverTokens.sol                              +5       0  +100.00%
contracts/0.8.25/vaults/lib/RefSlotCache.sol                              +36       0  +100.00%
contracts/0.8.25/vaults/predeposit_guarantee/CLProofVerifier.sol          +16      +1  +93.75%
contracts/0.8.25/vaults/predeposit_guarantee/MeIfNobodyElse.sol            +3       0  +100.00%
contracts/0.8.25/vaults/predeposit_guarantee/PredepositGuarantee.sol     +212     +12  +94.34%
contracts/0.8.9/Accounting.sol                                            +93      +2  +97.85%
contracts/0.8.9/Burner.sol                                                +21       0  +100.00%
contracts/0.8.9/LidoLocator.sol                                            +8       0  +100.00%
contracts/0.8.9/StakingRouter.sol                                         -11       0  +100.00%
contracts/0.8.9/TriggerableWithdrawalsGateway.sol                         +54      +1  +98.15%
contracts/0.8.9/WithdrawalVault.sol                                       +11       0  +100.00%
contracts/0.8.9/WithdrawalVaultEIP7002.sol                                +21       0  +100.00%
contracts/0.8.9/lib/ExitLimitUtils.sol                                    +35       0  +100.00%
contracts/0.8.9/oracle/AccountingOracle.sol                               -16      -2  +1.05%
contracts/0.8.9/oracle/ValidatorsExitBus.sol                             +138     +10  +92.75%
contracts/0.8.9/oracle/ValidatorsExitBusOracle.sol                        -39      -1  +0.28%
contracts/0.8.9/proxy/WithdrawalsManagerProxy.sol                         +60       0  +100.00%
contracts/0.8.9/sanity_checks/OracleReportSanityChecker.sol                 0     +12  -5.17%
contracts/common/utils/PausableUntil.sol                                  +29       0  +100.00%
TOTAL                                                                   +2031    +216  -3.62%

Results for commit: 88ce964

Minimum allowed coverage is 80%

♻️ This comment has been updated with latest results

folkyatina and others added 26 commits October 1, 2025 19:00
@folkyatina
chore: more intuitive constants in UnstructuredStorageExt
bdb71a9
@folkyatina
chore: optimize VaultHub bytecode
d9878f3
@folkyatina
docs(Dashboard): improve comments
92a32d7
@dry914
chore: update rights for ET contracts
3a99ddc
@folkyatina
fix(Lido): make staking pause/resume revert if paused/resumed
727bbb0
@folkyatina
fix(Lido): simplify the pause check
516f7e8
@folkyatina
Merge pull request #1489 from lidofinance/fix/vaulthub-polish
2ec78d2 
[VAULTS] Various audit fixes
@folkyatina
Merge pull request #1493 from lidofinance/fix/revertable-staking-pause
863eeb8 
fix(Lido): make staking pause/resume revert if paused/resumed
@folkyatina
fix(PDG): fix reentrancy path in PDG
8d4265f
@folkyatina
chore(PDG): fix indentation
66d902f
@arwer13
fix: upgrade after TW went live on mainnet
5af1280
@arwer13
chore: merge deployed-mainnet.json from develop
4f252fc
@arwer13
fix: more tidying up for V3VoteScript.sol
55c7e33
@tamtamchik
fix: #1476
6e7aac5
@tamtamchik
Merge remote-tracking branch 'origin/fix/upgrade-after-tw' into feat/…
294fd95 
…fix-1476
@arwer13
Merge pull request #1496 from lidofinance/fix/upgrade-after-tw
e66be55 
fix: upgrade after TW went live on mainnet
@arwer13
Merge pull request #1492 from lidofinance/feat/update-et-rights
482a944 
chore: update rights for ET contracts
@tamtamchik
Merge branch 'feat/audit-5' into feat/fix-1476
dd3312d
@tamtamchik
chore: fixes after review
c978a2e
@folkyatina
Merge pull request #1495 from lidofinance/fix/pdg-reentrancy
ed1d5d8 
fix(PDG): fix reentrancy path in PDG
@folkyatina
fix: overflow in node operator fee
c7320bb
@folkyatina
docs(PDG): more comments
a9091e2
@folkyatina
Merge pull request #1500 from lidofinance/fix/no-fees-overflow
8f8b86a 
fix: overflow in node operator fee
@tamtamchik
chore: probably better branching
1da30f1
@folkyatina
docs(VaultHub): clarify EIP-7002 withdrawal fee
12acdb5
@TheDZhon
Merge pull request #1498 from lidofinance/feat/fix-1476
88ce964 
fix disconnect process
@folkyatina folkyatina merged commit 5de69c2 into feat/vaults Oct 8, 2025
13 checks passed
@folkyatina folkyatina deleted the feat/audit-5 branch October 8, 2025 11:06
@folkyatina folkyatina added audit Issue comes as a result of an external audit vaults Lido stVaults related changes labels Nov 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

audit Issue comes as a result of an external audit vaults Lido stVaults related changes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@tamtamchik @folkyatina @dry914 @arwer13 @TheDZhon