code-423n4 / 2021-12-amun-findings


Owner can lock any of basket tokens #290

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

Czar102

Vulnerability details

Impact

Owner can remove any tokens, and thus lock all funds that the contract has in a specific token. The owner may engineer the deletion in such a way that frightened people will fear the next locks and quit the basket; then the owner may add the token back, gaining all of the tokens.

Of course the vulnerability doesn't focus on social engineering; the ability to lock any tokens is itself very critical.

Tools Used

Manual analysis

Recommended Mitigation Steps

Consider resigning from the BasketFacet::removeToken(...) function or setting a confirmation period for this function.
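One way to implement the confirmation period suggested above, as an added illustration that is not the Amun BasketFacet code: a two-step removal where the owner must announce the removal and wait out a delay before it can execute. The contract name, storage layout and the two-day delay are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical minimal basket showing a two-step, time-delayed token removal.
// This is not the Amun BasketFacet; contract name, storage layout and the
// two-day delay are assumptions made for illustration.
contract TimelockedBasket {
    address public owner;
    uint256 public constant REMOVAL_DELAY = 2 days;

    address[] public tokens;
    mapping(address => bool) public isToken;
    // Timestamp after which a pending removal may be executed (0 = none pending).
    mapping(address => uint256) public removalUnlockTime;

    modifier onlyOwner() { require(msg.sender == owner, "not owner"); _; }

    constructor(address[] memory initial) {
        owner = msg.sender;
        for (uint256 i = 0; i < initial.length; i++) {
            tokens.push(initial[i]);
            isToken[initial[i]] = true;
        }
    }

    // Step 1: announce the removal. The token stays in the basket during the
    // delay, so holders can redeem before any funds could become unreachable.
    function proposeRemoveToken(address token) external onlyOwner {
        require(isToken[token], "not in basket");
        removalUnlockTime[token] = block.timestamp + REMOVAL_DELAY;
    }

    // Step 2: the removal can only execute once the announced delay has passed.
    function removeToken(address token) external onlyOwner {
        uint256 unlockTime = removalUnlockTime[token];
        require(unlockTime != 0, "not proposed");
        require(block.timestamp >= unlockTime, "delay not elapsed");
        delete removalUnlockTime[token];
        isToken[token] = false;
        for (uint256 i = 0; i < tokens.length; i++) {
            if (tokens[i] == token) {
                tokens[i] = tokens[tokens.length - 1];
                tokens.pop();
                break;
            }
        }
    }
}
```

A monitoring rule that alerts on `proposeRemoveToken` calls gives holders the full delay window to act, which is the point of the confirmation period.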

0xleastwood commented 2 years ago

As far as I can tell, there are a lot of other things the owner can do. I don't think their threat model considers an owner to be malicious. Can you confirm @loki-sama ?

0xleastwood commented 2 years ago

Marking this as invalid due to it having a similar disputed reason to #285