code-423n4 / 2022-07-swivel-findings


zcTokens cannot be redeemed through authRedeemZcToken() #199

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Lines of code

https://github.com/code-423n4/2022-07-swivel/blob/main/Swivel/Swivel.sol#L620

Vulnerability details

Impact

The description of the function says "Allows users to redeem zcTokens and withdraw underlying, boiling up from the zcToken instead of starting on Swivel". In order for the function to be called, it needs to pass the modifier authorized(marketPlace), where marketPlace is the address of a deployed market place contract, but the MarketPlace.sol smart contract doesn't call this function anywhere, essentially making it impossible for anyone to reach, including the administrator, and preventing the tokens' withdrawal.

Proof of Concept

#L620

  function authRedeemZcToken(uint8 p, address u, address c, address t, uint256 a) external authorized(marketPlace) returns(bool) {

Tools Used

-

Recommended Mitigation Steps

Add a function to MarketPlace.sol which calls this function, or remove the modifier.
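
A static check for the condition this report describes, as an added example that is not part of the original issue or the Swivel code base: it lists functions gated by authorized(X) and flags those that the authorized contract's source never calls. The Solidity snippets are constructed; only the authRedeemZcToken signature is from the report, and exampleAdminOnly, otherCall, somethingElse, redeemViaSwivel and ISwivel are hypothetical names.

```python
import re

# Constructed inputs: only the authRedeemZcToken signature comes from the report.
# Bodies and the names exampleAdminOnly, otherCall, redeemViaSwivel are hypothetical.
SWIVEL_SRC = """
contract Swivel {
  function authRedeemZcToken(uint8 p, address u, address c, address t, uint256 a) external authorized(marketPlace) returns(bool) {
    return true;
  }
  function exampleAdminOnly(uint256 x) external authorized(admin) returns(bool) {
    return true;
  }
}
"""
MARKETPLACE_SRC = """
contract MarketPlace {
  // swivel.authRedeemZcToken(p, u, c, t, a) is mentioned only in this comment
  function otherCall(uint8 p) external returns(bool) {
    return ISwivel(swivel).somethingElse(p);
  }
}
"""
MARKETPLACE_FIXED_SRC = """
contract MarketPlace {
  function redeemViaSwivel(uint8 p, address u, address c, address t, uint256 a) external returns(bool) {
    return ISwivel(swivel).authRedeemZcToken(p, u, c, t, a);
  }
}
"""

# Function header carrying an authorized(<who>) modifier before its body or ';'.
GUARDED_FN = re.compile(
    r'function\s+(\w+)\s*\([^)]*\)[^{;]*?\bauthorized\(\s*(\w+)\s*\)')

def strip_comments(src):
    src = re.sub(r'/\*.*?\*/', '', src, flags=re.S)
    return re.sub(r'//[^\n]*', '', src)

def guarded_functions(src):
    """Map each authorized(...)-gated function name to its required caller."""
    return {m.group(1): m.group(2) for m in GUARDED_FN.finditer(strip_comments(src))}

def unreachable(target_src, caller_var, caller_src):
    """Functions gated to caller_var that caller_src never invokes as x.name(...)."""
    calls = strip_comments(caller_src)
    # Limitation: low-level calls built from a selector are not recognised.
    return [name for name, who in guarded_functions(target_src).items()
            if who == caller_var
            and not re.search(r'\.\s*' + re.escape(name) + r'\s*\(', calls)]
```
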

JTraversa commented 2 years ago

Duplicate of #39

bghughes commented 2 years ago

Duplicate of #39