search

code-423n4 / 2022-02-concur-findings

2 stars 0 forks source link

Unconstrained fee #242

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Lines of code

https://github.com/code-423n4/2022-02-concur/blob/main/contracts/MasterChef.sol#L86-L101

Vulnerability details

Impact

Token fee in MasterChef can be set to more than 100%, (for example by accident) causing all deposit calls to fail due to underflow on subtraction when reward is lowered by the fee, thus breaking essential mechanics. Note that after the fee has been set to any value, it cannot be undone. A token cannot be removed, added, or added the second time. Thus, mistakenly (or deliberately, maliciously) added fee that is larger than 100% will make the contract impossible to recover from not being able to use the token.

Tools Used

Manual analysis

Recommended Mitigation Steps

On setting fee ensure that it is below a set maximum, which is set to no more than 100%.

GalloDaSballo commented 2 years ago

The warden has identified admin privilege that would enable them to set the deposit fee to 100% The value can also be increased above 100% to cause a denial of service to the user.

Mitigation would require offering a more appropriate upper limit to the fee