code-423n4 / 2022-02-aave-lens-findings


On the Minting Delegate Is Not Moved #58

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Lines of code

https://github.com/code-423n4/2022-02-aave-lens/blob/main/contracts/core/FollowNFT.sol#L69

Vulnerability details

Impact

The origin (SushiToken) has a warning (L8 - https://github.com/sushiswap/sushiswap/blob/6aa1d786785a447aa1224280e06ac09e4c82e06f/contracts/SushiToken.sol#L8) about this issue. The issue allows minting any number of delegation votes. In the delegation, the minting process should move delegates.

Proof of Concept

  1. Navigate to the following contract.
https://github.com/code-423n4/2022-02-aave-lens/blob/main/contracts/core/FollowNFT.sol#L69

Tools Used

Code Review

Recommended Mitigation Steps

Consider calling the _moveDelegates function in the mint function.

    _moveDelegate(address(0), delegatee, 1);

liveactionllama commented 2 years ago

On Thursday 02/17/2022, the warden requested to add:

Regarding the following submission, "C4 Aave Lens finding: On the Minting Delegate Is Not Moved", I would like to add the burn() function too. On the burn too, delegates are not moved. Thank you so much.

Zer0dot commented 2 years ago

This is handled in _beforeTokenTransfer.

0xleastwood commented 2 years ago

Agreed, this is already handled. _mint() will call _beforeTokenTransfer(address(0), to, tokenId). This function ultimately does _moveDelegate(address(0), delegatee, 1) which is the fix outlined by the warden.
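
A simplified model of the hook pattern the two replies above describe, added here as an illustration and not taken from FollowNFT.sol. The contract name `HookedVotes`, its storage layout, the public `mint`/`burn` wrappers and the one-vote-per-token rule without snapshots are all assumptions; it shows why mint and burn need no explicit `_moveDelegate` call when both route through `_beforeTokenTransfer`.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.10;

// Constructed example: one vote per token, no snapshots, no transfers.
contract HookedVotes {
    mapping(uint256 => address) public ownerOf;
    mapping(address => uint256) public balanceOf;
    mapping(address => address) public delegates;   // holder => delegatee
    mapping(address => uint256) public votingPower; // delegatee => votes

    function delegate(address delegatee) external {
        address previous = delegates[msg.sender];
        delegates[msg.sender] = delegatee;
        // Re-point every token the caller holds to the new delegatee.
        _moveDelegate(previous, delegatee, balanceOf[msg.sender]);
    }

    function mint(uint256 tokenId) external {
        require(ownerOf[tokenId] == address(0), "already minted");
        _beforeTokenTransfer(address(0), msg.sender, tokenId);
        balanceOf[msg.sender] += 1;
        ownerOf[tokenId] = msg.sender;
    }

    function burn(uint256 tokenId) external {
        require(ownerOf[tokenId] == msg.sender, "not owner");
        _beforeTokenTransfer(msg.sender, address(0), tokenId);
        balanceOf[msg.sender] -= 1;
        delete ownerOf[tokenId];
    }

    // Single choke point. delegates[address(0)] is always address(0),
    // so a mint moves one vote from nobody to the recipient's delegatee
    // and a burn moves one vote from the owner's delegatee to nobody.
    function _beforeTokenTransfer(address from, address to, uint256) internal {
        _moveDelegate(delegates[from], delegates[to], 1);
    }

    function _moveDelegate(address from, address to, uint256 amount) internal {
        if (from == to || amount == 0) return;
        if (from != address(0)) votingPower[from] -= amount;
        if (to != address(0)) votingPower[to] += amount;
    }
}
```

Adding a second `_moveDelegate(address(0), delegatee, 1)` inside `mint` in this model would credit the delegatee twice per token, which is the reviewer-side check to run before accepting a mitigation like the one proposed.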