code-423n4 / 2023-06-canto-findings


doesn't handle when value of `reservePool` returned is nil #26

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-06-canto/blob/main/Canto/x/coinswap/keeper/swap.go#L43

https://github.com/code-423n4/2023-06-canto/blob/main/Canto/x/coinswap/keeper/swap.go#L131

https://github.com/code-423n4/2023-06-canto/blob/main/Canto/x/coinswap/keeper/pool.go#L77

Vulnerability details

Impact

`inputReserve` and `outputReserve` are obtained from the returned `reservePool`. However, `reservePool` could be nil, and since this is not handled or checked, it results in inaccurate `inputReserve` and `outputReserve`.

Proof of Concept

`inputReserve` and `outputReserve` are obtained using the `reservePool`, which is obtained from the `GetPoolBalances` function. This function returns the liquidity pool as well as an `err` variable, which could contain an error or be nil, and which is checked and handled when called. However, the `reservePool` could also be returned as nil when `acc == nil` (https://github.com/code-423n4/2023-06-canto/blob/main/Canto/x/coinswap/keeper/pool.go#L77), but this isn't handled and is neglected by the protocol when called.

Tools Used

Manual Review

Recommended Mitigation Steps

Don't only check the `err` variable returned and neglect the `reservePool` value returned from `GetPoolBalances`. Check or handle the value returned for the `reservePool` variable.

Assessed type

Invalid Validation
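
The mitigation recommended in the report above, as an added example that is not part of the original report and is not Canto's code: the caller checks `err` first and then validates the reserve values themselves. `Coins`, `getPoolBalances`, `reserves`, the two error values, the pool names and the denoms are hypothetical stand-ins built for this illustration.

```go
package main

import (
	"errors"
	"fmt"
)

// Coins is a simplified stand-in for the SDK coin set (assumption, not Canto code).
type Coins map[string]int64

// AmountOf returns 0 for an unknown denom; reading a nil map is safe in Go,
// so a nil pool yields zero reserves instead of a panic.
func (c Coins) AmountOf(denom string) int64 { return c[denom] }

var (
	ErrPoolNotFound = errors.New("reserve pool not found")
	ErrEmptyReserve = errors.New("reserve is not positive")
)

// getPoolBalances is a hypothetical lookup; a missing entry models acc == nil.
func getPoolBalances(pools map[string]Coins, addr string) (Coins, error) {
	coins, found := pools[addr]
	if !found {
		return nil, fmt.Errorf("%w: %s", ErrPoolNotFound, addr)
	}
	return coins, nil
}

// reserves checks the error first, then the returned balances themselves.
func reserves(pools map[string]Coins, addr, in, out string) (int64, int64, error) {
	pool, err := getPoolBalances(pools, addr)
	if err != nil {
		return 0, 0, err
	}
	inRes, outRes := pool.AmountOf(in), pool.AmountOf(out)
	if inRes <= 0 || outRes <= 0 {
		return 0, 0, fmt.Errorf("%w: %s=%d %s=%d", ErrEmptyReserve, in, inRes, out, outRes)
	}
	return inRes, outRes, nil
}

func main() {
	// Constructed sample pools: one funded, one present but with nil balances.
	pools := map[string]Coins{"pool-a": {"acanto": 500, "unote": 200}, "pool-b": nil}
	for _, addr := range []string{"pool-a", "pool-b", "pool-c"} {
		in, out, err := reserves(pools, addr, "acanto", "unote")
		fmt.Println(addr, in, out, err)
	}
}
```
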

c4-pre-sort commented 1 year ago

JeffCX marked the issue as low quality report

c4-pre-sort commented 1 year ago

JeffCX marked the issue as primary issue

c4-judge commented 1 year ago

0xean marked the issue as unsatisfactory: Insufficient quality