search

code-423n4 / 2023-06-canto-findings

1 stars 0 forks source link

Add check to disallow creation of Standard Denomination pool #100

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-06-canto/blob/main/Canto/x/coinswap/keeper/pool.go#L15

Vulnerability details

Impact

CreatePool does not check if the counterpartyDenom is a Standard Denomination. This can lead to creation of pools where the StandardDenom and the CounterpartyDenom are the same.

Code reference

https://github.com/code-423n4/2023-06-canto/blob/main/Canto/x/coinswap/keeper/pool.go#L15

// CreatePool create a liquidity that saves relevant information about popular pool tokens
func (k Keeper) CreatePool(ctx sdk.Context, counterpartyDenom string) types.Pool {
    sequence := k.getSequence(ctx)
    ...

Tools Used

Manual review

Recommended Mitigation Steps

Add a check to ensure that counterpartyDenom is not k.GetStandardDenom(ctx)

Assessed type

Other

c4-pre-sort commented 1 year ago

JeffCX marked the issue as low quality report

JeffCX commented 1 year ago

Lack of proof

c4-judge commented 1 year ago

0xean marked the issue as unsatisfactory: Insufficient quality