Closed code423n4 closed 2 years ago
Dupulicate of (#5) I don't do much approve other than contract, so I think it's Low Risk.
The precondition is the minter being malicious, plus, the impact is low. The warden's recommendation is not too bad.
I'm making this a low
.
Grouping this with warden's QA report, #44
Lines of code
https://github.com/code-423n4/2022-02-jpyc/blob/cfc018384dd1d71febaa57f0576cb51f5d9c7e07/contracts/v2/FiatTokenV2.sol#L337-L347 https://github.com/code-423n4/2022-02-jpyc/blob/cfc018384dd1d71febaa57f0576cb51f5d9c7e07/contracts/v1/FiatTokenV1.sol#L327-L337
Vulnerability details
Configureminer is vulnerable Double spend
The function
configureMiner
atFiatTokenV1
andFiatTokenV2
is vulnerable to double spend the same asapprove()
ofEIP20
As you put in your dev comments you plan to use this function to update minterAllowed. The problem with that is that at a specific time the minterA (with A tokens allowed) is being updated to B tokens allowed. It can mint the A tokens before the transaction is mined and then get B extra tokens so being able to mint A+B.
Maybe you can consider implementing
increaseMinerAllowance()
anddecreaseMinerAllowance
or other similar solution.