code-423n4 / 2022-11-paraspace-findings


External functions supplyPunk, acceptBidWithCredit, and batchAcceptBidWithCredit should provide the possibility to buy punk directly #461

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2022-11-paraspace/blob/c6820a279c64a299a783955749fdc977de8f0449/paraspace-core/contracts/ui/WPunkGateway.sol#L77

https://github.com/code-423n4/2022-11-paraspace/blob/c6820a279c64a299a783955749fdc977de8f0449/paraspace-core/contracts/ui/WPunkGateway.sol#L129

https://github.com/code-423n4/2022-11-paraspace/blob/c6820a279c64a299a783955749fdc977de8f0449/paraspace-core/contracts/ui/WPunkGateway.sol#L167

Vulnerability details

Impact

The external functions supplyPunk, acceptBidWithCredit, and batchAcceptBidWithCredit in the WPunkGateway contract do not provide the possibility of buying punks directly. Indeed, since these functions are not payable, users cannot send ether to them and buy punks directly.

Proof of Concept

https://github.com/code-423n4/2022-11-paraspace/blob/c6820a279c64a299a783955749fdc977de8f0449/paraspace-core/contracts/ui/WPunkGateway.sol#L77

https://github.com/code-423n4/2022-11-paraspace/blob/c6820a279c64a299a783955749fdc977de8f0449/paraspace-core/contracts/ui/WPunkGateway.sol#L129

https://github.com/code-423n4/2022-11-paraspace/blob/c6820a279c64a299a783955749fdc977de8f0449/paraspace-core/contracts/ui/WPunkGateway.sol#L167

Recommended Mitigation Steps

The external functions supplyPunk, acceptBidWithCredit, and batchAcceptBidWithCredit in the WPunkGateway contract should be payable, and msg.value should be added to the buyPunk call.

c4-judge commented 1 year ago

dmvt marked the issue as duplicate of #105

c4-judge commented 1 year ago

dmvt marked the issue as partial-50

c4-judge commented 1 year ago

dmvt marked the issue as unsatisfactory: Invalid