Status: Closed (closed by code423n4 2 years ago)
Lines of code
https://github.com/code-423n4/2022-06-infinity/blob/765376fa238bbccd8b1e2e12897c91098c7e5ac6/contracts/core/InfinityExchange.sol#L1266-L1269

Vulnerability details

Impact
Admins can attack users by front-running them.

Proof of Concept
In the function setProtocolFee in InfinityExchange.sol:

```solidity
function setProtocolFee(uint16 _protocolFeeBps) external onlyOwner {
    PROTOCOL_FEE_BPS = _protocolFeeBps; // @audit medium: no upper bound on the fee
    emit NewProtocolFee(_protocolFeeBps);
}
```

Admins can front-run a user by setting PROTOCOL_FEE_BPS to 10000, which is 100%. At the time of transfer, protocolFee = amount and remainingAmount = 0.

Recommended Mitigation Steps
Add a maximum reasonable limit for the fee (for example 5 or 10%).

Similar issues
https://github.com/code-423n4/2021-05-nftx-findings/issues/51
https://github.com/code-423n4/2021-06-gro-findings/issues/78
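As an added example (not the Infinity project's code and not part of the warden's report), the following contract shows the recommended mitigation: the fee setter enforces a hard-coded maximum, and the fee split that the finding describes is computed alongside it so the 100% case is unreachable. PROTOCOL_FEE_BPS and NewProtocolFee follow the snippet above; MAX_PROTOCOL_FEE_BPS, FeeTooHigh, NotOwner and computeFee are names assumed for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

/// Example contract (not the Infinity project's code): a protocol fee setter
/// bounded by a hard-coded maximum, as the finding recommends.
contract CappedFeeExample {
    // 10% cap, chosen for illustration; the page suggests 5 or 10%.
    uint16 public constant MAX_PROTOCOL_FEE_BPS = 1000;
    // Fee in basis points; 10000 bps == 100%.
    uint16 public PROTOCOL_FEE_BPS;
    address public owner;

    event NewProtocolFee(uint16 protocolFeeBps);
    // Assumed names for this example.
    error FeeTooHigh(uint16 requested, uint16 max);
    error NotOwner();

    modifier onlyOwner() {
        if (msg.sender != owner) revert NotOwner();
        _;
    }

    constructor(uint16 initialFeeBps) {
        owner = msg.sender;
        _setProtocolFee(initialFeeBps);
    }

    /// Same signature as the audited setter, but the value is checked
    /// against the cap before it is stored. Note that uint16 alone does not
    /// bound the fee: it admits any value up to 65535, well above 10000.
    function setProtocolFee(uint16 _protocolFeeBps) external onlyOwner {
        _setProtocolFee(_protocolFeeBps);
    }

    function _setProtocolFee(uint16 bps) internal {
        if (bps > MAX_PROTOCOL_FEE_BPS) revert FeeTooHigh(bps, MAX_PROTOCOL_FEE_BPS);
        PROTOCOL_FEE_BPS = bps;
        emit NewProtocolFee(bps);
    }

    /// Split an amount into the protocol fee and the remainder owed to the
    /// seller, mirroring the arithmetic the finding refers to. With the cap
    /// in place, remaining is always at least 90% of amount; without it,
    /// a fee of 10000 bps yields protocolFee == amount and remaining == 0.
    function computeFee(uint256 amount)
        public
        view
        returns (uint256 protocolFee, uint256 remaining)
    {
        protocolFee = (amount * PROTOCOL_FEE_BPS) / 10000;
        remaining = amount - protocolFee;
    }
}
```

The cap is a compile-time constant rather than another owner-settable variable; making it adjustable by the same role would reintroduce the problem the check is meant to close.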
Dupe https://github.com/code-423n4/2022-06-infinity-findings/issues/259