Closed code423n4 closed 2 years ago
Lines of code
https://github.com/code-423n4/2022-06-nested/blob/main/contracts/NestedFactory.sol#L175
Vulnerability details
Impact
Admin can sweep any token even if the token is in use by the contract. Ideally, only non-blacklisted tokens should be allowed by the unlockTokens function.

```solidity
// Owner-only sweep: sends the contract's entire balance of _token to the caller.
// No check is made on whether the contract relies on _token.
function unlockTokens(IERC20 _token) external override onlyOwner {
    uint256 amount = _token.balanceOf(address(this));
    SafeERC20.safeTransfer(_token, msg.sender, amount);
    emit TokensUnlocked(address(_token), amount);
}
```

Recommended Mitigation Steps
Add a check to disallow all tokens that are used by the contract.
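One way to implement the check the report recommends, as an added example that is not NestedFactory's own code: a hypothetical `GuardedSweep` contract keeps an owner-maintained `protectedToken` list and refuses to sweep anything on it, so the sweep can only recover tokens sent to the contract by mistake. The contract name, the `protectedToken` mapping, `setProtectedToken`, and the OpenZeppelin Contracts 4.x imports (Ownable without constructor arguments) are assumptions made for this illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration of the recommended check; not NestedFactory's code.
// Assumes OpenZeppelin Contracts 4.x (Ownable takes no constructor arguments).
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import "@openzeppelin/contracts/access/Ownable.sol";

contract GuardedSweep is Ownable {
    using SafeERC20 for IERC20;

    // Hypothetical registry of tokens the contract relies on; sweeping these is refused.
    mapping(address => bool) public protectedToken;

    event TokensUnlocked(address token, uint256 amount);
    event TokenProtected(address token, bool isProtected);

    // Only the owner may mark or unmark a token as in use by the contract.
    function setProtectedToken(IERC20 _token, bool _protected) external onlyOwner {
        protectedToken[address(_token)] = _protected;
        emit TokenProtected(address(_token), _protected);
    }

    // Same shape as the reported unlockTokens, plus the check the report asks for:
    // a token marked as in use cannot be swept, even by the owner.
    function unlockTokens(IERC20 _token) external onlyOwner {
        require(!protectedToken[address(_token)], "GuardedSweep: token in use");
        uint256 amount = _token.balanceOf(address(this));
        require(amount > 0, "GuardedSweep: nothing to unlock");
        _token.safeTransfer(msg.sender, amount);
        emit TokensUnlocked(address(_token), amount);
    }
}
```

Marking a token as protected also blocks recovery of that token if a user sends it by mistake, so the list should be limited to tokens the contract holds by design; for a contract that is never meant to hold a balance, the list stays empty and the function behaves exactly like the original sweep.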
NestedFactory does not store funds. The unlock function is here only to retrieve funds in case a user sends funds to the contract even though they should not.