In GiantLP contract giant pool address is assigned without zero address check #135
Labels
2 (Med Risk): Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug: Something isn't working
edited-by-warden
unsatisfactory: does not satisfy C4 submission criteria; not eligible for awards
Lines of code
https://github.com/code-423n4/2022-11-stakehouse/blob/4b6828e9c807f2f7c569e6d721ca1289f7cf7112/contracts/liquid-staking/GiantLP.sol#L19-L27
Vulnerability details
Impact
Without a check on the giant pool address, it's possible to assign an inappropriate address for the pool.
Proof of Concept
constructor(
    address _pool,
    address _transferHookProcessor,
    string memory _name,
    string memory _symbol
) ERC20(_name, _symbol) {
    pool = _pool;
    transferHookProcessor = ITransferHookProcessor(_transferHookProcessor);
}
We need to check the _pool parameter address before assigning it to the pool. If it's not a zero address then only
constructor(
    address _pool,
    address _transferHookProcessor,
    string memory _name,
    string memory _symbol
) ERC20(_name, _symbol) {
    require(_pool != address(0), " can't assign zero address to pool"); // @ _pool address check
    pool = _pool;
    transferHookProcessor = ITransferHookProcessor(_transferHookProcessor);
}
Only the pool address holds the giant LP tokens. In this scenario the giant LP token can be deployed with the zero address as its pool.
If it's the zero address, we can't mint or burn the LP tokens, because the pool address alone is responsible for accessing the mint and burn functions.
Manual Audit with vscode
Recommended Mitigation Steps
The pool address must be assigned after a zero address check. The _pool must not be equal to address(0).