Closed code423n4 closed 1 year ago
Contested; every account has 2^96 conduit keys namespaced to them and is free to deploy as many conduits as they like (though it'd be a huge waste for them to do so). Whitelisting would introduce unnecessary central control over the protocol.
Feature, not bug...?
HickupHH3 marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/ProjectOpenSea/seaport/blob/5de7302bc773d9821ba4759e47fc981680911ea0/contracts/conduit/ConduitController.sol#L56-L84
Vulnerability details
Impact
In function createConduit, https://github.com/ProjectOpenSea/seaport/blob/5de7302bc773d9821ba4759e47fc981680911ea0/contracts/conduit/ConduitController.sol#L56 users can falsify their keys by providing their address in the first 20 bytes of the conduit key, being able to create as many conduits as someone wants.
Proof of Concept
Given the check that OpenSea is making:
you can derive that if you try different random keys with your address in front, all will pass:
Tools Used
manual
Recommended Mitigation Steps
Add a maximum amount of conduits that a user can create or make a whitelisting process in order to create a conduit.
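
A model of the prefix check discussed in this thread, added here as an example; it is not part of the submission or of Seaport's own code. It assumes only what the thread states (a 32-byte conduit key whose first 20 bytes must equal the caller's address, leaving 96 bits free), and every function name and address in it is constructed.

```python
ADDRESS_LEN = 20                       # bytes in an account address
KEY_LEN = 32                           # bytes in a conduit key
SUFFIX_LEN = KEY_LEN - ADDRESS_LEN     # 12 bytes = 96 bits chosen by the creator

# Constructed sample addresses, not real accounts.
ALICE = bytes.fromhex("aa" * ADDRESS_LEN)
BOB = bytes.fromhex("bb" * ADDRESS_LEN)


def make_conduit_key(creator: bytes, suffix: int) -> bytes:
    """Build a key in `creator`'s namespace: address prefix + 96-bit suffix."""
    if len(creator) != ADDRESS_LEN:
        raise ValueError("creator must be a 20-byte address")
    if not 0 <= suffix < 2 ** (8 * SUFFIX_LEN):
        raise ValueError("suffix must fit in 96 bits")
    return creator + suffix.to_bytes(SUFFIX_LEN, "big")


def creator_check_passes(conduit_key: bytes, caller: bytes) -> bool:
    """Model of the check: the first 20 bytes of the key must be the caller."""
    if len(conduit_key) != KEY_LEN:
        raise ValueError("conduit key must be 32 bytes")
    return conduit_key[:ADDRESS_LEN] == caller


def namespace_size() -> int:
    """Number of distinct keys that pass the check for any single caller."""
    return 2 ** (8 * SUFFIX_LEN)


def demo() -> dict:
    own_keys = [make_conduit_key(ALICE, s) for s in (0, 1, 2**96 - 1)]
    return {
        # Any suffix passes when the prefix is the caller's own address.
        "alice_own_keys": all(creator_check_passes(k, ALICE) for k in own_keys),
        # The same keys fail for a different caller: namespaces do not overlap.
        "bob_with_alice_keys": any(creator_check_passes(k, BOB) for k in own_keys),
        "keys_per_account": namespace_size(),
    }


if __name__ == "__main__":
    print(demo())
```

The model shows both halves of the discussion: a caller can pass the check with any of the 2^96 suffixes under its own address, and no suffix lets a caller pass with a key in another account's namespace.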