code-423n4 / 2022-01-trader-joe-findings


Privilege Escalation by Front Run LaunchEvent initialize() and Replace address _issuer #224

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

Meta0xNull

Vulnerability details

Impact

A bad actor may monitor the mempool, front-run LaunchEvent initialize() and replace the address _issuer. With the privilege of issuer, the bad actor can withdraw funds, causing users to lose money.

Proof of Concept

https://github.com/code-423n4/2022-01-trader-joe/blob/main/contracts/LaunchEvent.sol#L216-L217 https://github.com/code-423n4/2022-01-trader-joe/blob/main/contracts/LaunchEvent.sol#L258

Tools Used

Manual Review

Recommended Mitigation Steps

In Line 258: Before: issuer = _issuer;

After: issuer = msg.sender;

cryptofish7 commented 2 years ago

Duplicate of #8

dmvt commented 2 years ago

Assets are not at risk. The worst case is that there is lost gas and the contracts need to be redeployed. Consider creating these contracts and calling their initialize functions in a factory to mitigate the issue if not adding the guard.

1 — Low (L): vulns that have a risk of 1 are considered “Low” severity when assets are not at risk. Includes state handling, function incorrect as to spec, and issues with comments.
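As an added illustration (not code from the 2022-01-trader-joe repository, and not written by any participant above), the following Solidity sketch shows the two patterns the thread discusses side by side: an unguarded initialize() that records whichever _issuer the first caller passes, and the factory-based mitigation the judge suggests, where only the deploying factory may call initialize() and deployment plus initialization happen in one transaction, so there is no window for another caller to initialize first. Contract names (LaunchEventLikeUnguarded, LaunchEventLike, LaunchEventFactory) are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Illustrative only; contract names are hypothetical and this is not the
// project's own LaunchEvent / factory code.

// Pattern discussed in the finding: a public initializer that stores the
// caller-supplied issuer. Whoever gets this call mined first sets `issuer`.
contract LaunchEventLikeUnguarded {
    address public issuer;
    bool private initialized;

    function initialize(address _issuer) external {
        require(!initialized, "already initialized");
        initialized = true;
        issuer = _issuer; // first caller chooses the issuer
    }
}

// Mitigated pattern: the contract remembers its deployer (the factory) and
// only that address may initialize it. Because the factory deploys and
// initializes in the same transaction, no other transaction can be ordered
// between deployment and initialization.
contract LaunchEventLike {
    address public immutable factory;
    address public issuer;
    bool private initialized;

    constructor() {
        factory = msg.sender; // the deploying factory
    }

    function initialize(address _issuer) external {
        require(msg.sender == factory, "only factory");
        require(!initialized, "already initialized");
        require(_issuer != address(0), "zero issuer");
        initialized = true;
        issuer = _issuer;
    }
}

contract LaunchEventFactory {
    address public immutable owner;

    event LaunchEventCreated(address indexed launchEvent, address indexed issuer);

    constructor() {
        owner = msg.sender;
    }

    // Deploy and initialize atomically. Restricting creation to `owner` is a
    // simplification; a real factory would carry its own access-control policy.
    function createLaunchEvent(address _issuer) external returns (address) {
        require(msg.sender == owner, "only owner");
        LaunchEventLike le = new LaunchEventLike();
        le.initialize(_issuer); // same transaction as deployment
        emit LaunchEventCreated(address(le), _issuer);
        return address(le);
    }
}
```

The guard `msg.sender == factory` is what makes the difference: with it, an initialize() call from any address other than the factory reverts, so the ordering of transactions in a block no longer decides who becomes issuer. Without it, the worst case described by the judge (wasted gas and a redeploy) is the cost of a lost race, and with it the race cannot occur at all.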