CreatePool does not check if the counterpartyDenom is a Standard Denomination. This can lead to creation of pools where the StandardDenom and the CounterpartyDenom are the same.
// CreatePool create a liquidity that saves relevant information about popular pool tokens
func (k Keeper) CreatePool(ctx sdk.Context, counterpartyDenom string) types.Pool {
sequence := k.getSequence(ctx)
...
Tools Used
Manual review
Recommended Mitigation Steps
Add a check to ensure that counterpartyDenom is not k.GetStandardDenom(ctx)
Lines of code
https://github.com/code-423n4/2023-06-canto/blob/main/Canto/x/coinswap/keeper/pool.go#L15
Vulnerability details
Impact
CreatePool
does not check if the counterpartyDenom is a Standard Denomination. This can lead to creation of pools where the StandardDenom and the CounterpartyDenom are the same.Code reference
https://github.com/code-423n4/2023-06-canto/blob/main/Canto/x/coinswap/keeper/pool.go#L15
Tools Used
Manual review
Recommended Mitigation Steps
Add a check to ensure that
counterpartyDenom
is notk.GetStandardDenom(ctx)
Assessed type
Other