Closed code423n4 closed 1 year ago
Should be intentional, consider QA
thereksfour marked the issue as primary issue
TutaRicky marked the issue as sponsor disputed
This is correct by design (we don't want to have frontend whitelisting).
thereksfour changed the severity to QA (Quality Assurance)
thereksfour marked the issue as grade-c
Lines of code
https://github.com/code-423n4/2023-03-wenwin/blob/91b89482aaedf8b8feb73c771d11c257eed997e8/src/Lottery.sol#L110
https://github.com/code-423n4/2023-03-wenwin/blob/91b89482aaedf8b8feb73c771d11c257eed997e8/src/Lottery.sol#L151
Vulnerability details
Impact
The ticket buyer can set himself as a frontend and the ticket buyer can claim rewards for each purchased ticket.
As the documentation says, the frontend can gain 10% of rewards of each sale, and the ticket buyer can get that percentage of the money back.
Proof of Concept
There is no validation preventing the ticket buyer from adding himself as a frontend.
Tools used
Foundry/Vscode
Recommended Mitigation Steps
Check that the ticket buyer is not the same as the frontend.