code-423n4 / 2022-02-aave-lens-findings


Ineffective Whitelist #30

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Lines of code

https://github.com/code-423n4/2022-02-aave-lens/blob/aaf6c116345f3647e11a35010f28e3b90e7b4862/contracts/core/LensHub.sol#L146

Vulnerability details

Creating profiles through LensHub.createProfile requires the caller to be whitelisted.

// Called at the top of LensHub.createProfile: the only gate on profile creation
// is whether msg.sender is in the _profileCreatorWhitelisted mapping.
function _validateCallerIsWhitelistedProfileCreator() internal view {
    if (!_profileCreatorWhitelisted[msg.sender]) revert Errors.ProfileCreatorNotWhitelisted();
}

However, a single whitelisted account can create as many profiles as it wants and send the profile NFTs to other users. It can create unlimited profiles on behalf of other users, which makes the whitelist ineffective.

Recommended Mitigation Steps

Consider limiting the number of profile creations per whitelisted user or severely limiting who is allowed to create profiles, basically making profile creation a centralized system.

oneski commented 2 years ago

Declined, this is by design.

Governance will decide what contracts are allowed to mint via the allowlist. If governance wishes to have a more centralized system, it will only approve contracts that have numerical caps within their code.
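The following is an added illustration of the pattern the finding recommends and the sponsor describes: a profile-creator contract carrying its own numerical cap, which governance would allowlist instead of an uncapped EOA. It is example code written for this page, not part of the Lens codebase. The `CreateProfileData` struct is assumed to mirror the shape of the audited `DataTypes.CreateProfileData`, `ILensHubLike` is a hypothetical slice of the hub interface (including the assumed `uint256` return value), and `CappedProfileCreator` is a hypothetical name.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.10;

// Assumption: this struct mirrors the audited DataTypes.CreateProfileData.
// It is declared here only so the example compiles stand-alone.
struct CreateProfileData {
    address to;
    string handle;
    string imageURI;
    address followModule;
    bytes followModuleData;
    string followNFTURI;
}

// Hypothetical minimal view of the hub: the only call this example needs.
interface ILensHubLike {
    function createProfile(CreateProfileData calldata vars) external returns (uint256);
}

/// A profile creator that governance could allowlist in the hub. The hub only
/// checks that msg.sender (this contract) is allowlisted and mints straight to
/// vars.to, so any numerical cap has to be enforced here, before the hub call.
contract CappedProfileCreator {
    error NotOwner();
    error CapReached();
    error RecipientCapReached();

    ILensHubLike public immutable hub;
    address public immutable owner;
    uint256 public immutable maxTotal;        // lifetime cap for this creator
    uint256 public immutable maxPerRecipient; // cap per vars.to address

    uint256 public minted;
    mapping(address => uint256) public mintedTo;

    event ProfileCreated(uint256 indexed profileId, address indexed to);

    constructor(ILensHubLike _hub, uint256 _maxTotal, uint256 _maxPerRecipient) {
        hub = _hub;
        owner = msg.sender;
        maxTotal = _maxTotal;
        maxPerRecipient = _maxPerRecipient;
    }

    function createProfile(CreateProfileData calldata vars) external returns (uint256 profileId) {
        if (msg.sender != owner) revert NotOwner();
        if (minted >= maxTotal) revert CapReached();
        if (mintedTo[vars.to] >= maxPerRecipient) revert RecipientCapReached();

        // Checks-effects-interactions: update the counters before the external
        // call so a reentrant path through the hub cannot slip past the cap.
        minted += 1;
        mintedTo[vars.to] += 1;

        profileId = hub.createProfile(vars);
        emit ProfileCreated(profileId, vars.to);
    }
}
```

With this layout governance allowlists the deployed `CappedProfileCreator` address rather than an externally owned account, so the hub's `_validateCallerIsWhitelistedProfileCreator` check still passes, but the total number of profiles that allowlist entry can ever mint is bounded by `maxTotal`, and `maxPerRecipient` stops one recipient from being handed an unbounded number of profile NFTs. The alternative the finding proposes, a per-creator counter inside `LensHub` itself, would enforce the same bound at the hub level but requires a hub change.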

0xleastwood commented 2 years ago

I agree with the sponsor, I think this can already be handled by the governance strictly approving contracts with numerical caps or limiting the allowlist of who can create a profile. As such, I'm inclined to mark this as invalid because the recommendation can already be implemented or adhered to by the governance.

0xleastwood commented 2 years ago

In light of another issue, I will mark this as a valid issue because #66 outlines a similar concern. The two issues reference different parts of the codebase, so I think it's fair to keep them distinct. However, I'd normally like to see a bit more detail on how non-whitelisted users can benefit from an infinite minter.