Closed code423n4 closed 2 years ago
cccz
The mintSynth function and the mintFungible function are not verified from==msg.sender, causing anyone to use other people’s tokens to mint Synth or LP tokens for themselves
https://github.com/code-423n4/2021-12-vader/blob/main/contracts/dex-v2/pool/VaderPoolV2.sol#L153-L194
https://github.com/code-423n4/2021-12-vader/blob/main/contracts/dex-v2/pool/VaderPoolV2.sol#L311-L361
Manual analysis
Add the following code to the mintSynth function and mintFungible function
require(from == msg.sender);
Dup of #147
jack-the-pug
commented
2 years ago
Handle
cccz
Vulnerability details
Impact
The mintSynth function and the mintFungible function are not verified from==msg.sender, causing anyone to use other people’s tokens to mint Synth or LP tokens for themselves
Proof of Concept
https://github.com/code-423n4/2021-12-vader/blob/main/contracts/dex-v2/pool/VaderPoolV2.sol#L153-L194
https://github.com/code-423n4/2021-12-vader/blob/main/contracts/dex-v2/pool/VaderPoolV2.sol#L311-L361
Tools Used
Manual analysis
Recommended Mitigation Steps
Add the following code to the mintSynth function and mintFungible function