code-423n4 / 2023-06-canto-findings


Users potentially cannot have Canto token swapped automatically when bridging assets to the Canto Network #76

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-06-canto/blob/a4ff2fd2e67e77e36528fad99f9d88149a5e8532/Canto/x/onboarding/types/params.go#L81-L83

Vulnerability details

Impact

If the field AutoSwapThreshold is set to zero value, the logic that compares standardCoinBalance to the autoSwapThreshold always evaluates to false so there isn't any swap operation from bridged asset to Canto token for users. Therefore, the purpose of the onboarding module, which aims to help users outside of Canto onboard seamlessly, has failed.

Proof of Concept

When bootstrapping Canto Network nodes, the onboarding module genesis state is initialized and the field AutoSwapThreshold is set to zero.

After that, when Bob uses Gravity Bridge to transfer whitelisted assets to Canto Network, his Canto token balance will not be increased, so he still has no funds to pay gas for transactions on Canto Network.

Recommended Mitigation Steps

Change conditional expression in function validateAutoSwapThreshold at line 81 in file Canto/x/onboarding/types/params.go from

if v.IsNegative() {}

to

if !v.IsPositive() {}

Assessed type

Invalid Validation

JeffCX commented 1 year ago

Recommended severity level: QA

c4-pre-sort commented 1 year ago

JeffCX marked the issue as low quality report

JeffCX commented 1 year ago

If the AutoSwapThreshold is set to 0, what the warden describes is the expected behavior: no swap happens.

c4-judge commented 1 year ago

0xean marked the issue as unsatisfactory: Invalid
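
The two validators discussed in this thread, side by side, as an added example that is not part of the original report or of the Canto code base. It uses `math/big` as a stand-in for the SDK integer type, and `shouldAutoSwap` is an assumed model of the comparison (swap only when the balance is below the threshold), consistent with the report's statement that a zero threshold never triggers a swap; the function names and sample thresholds are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"math/big"
)

// Current check quoted in the report (v.IsNegative()): zero passes.
func validateNonNegative(v *big.Int) error {
	if v.Sign() < 0 {
		return errors.New("auto swap threshold must not be negative")
	}
	return nil
}

// Proposed check (!v.IsPositive()): zero is rejected too.
func validateStrictlyPositive(v *big.Int) error {
	if v.Sign() <= 0 {
		return errors.New("auto swap threshold must be positive")
	}
	return nil
}

// Assumed model of the module's comparison: swap only when the
// recipient's standard coin balance is below the threshold.
func shouldAutoSwap(balance, threshold *big.Int) bool {
	return balance.Cmp(threshold) < 0
}

// classify reports how a threshold is treated under a given validator.
func classify(threshold *big.Int, validate func(*big.Int) error) string {
	if err := validate(threshold); err != nil {
		return "rejected: " + err.Error()
	}
	// A brand-new account holds zero standard coin.
	if shouldAutoSwap(big.NewInt(0), threshold) {
		return "accepted, auto swap enabled"
	}
	return "accepted, auto swap disabled"
}

func main() {
	for _, t := range []int64{-1, 0, 4} { // constructed sample thresholds
		th := big.NewInt(t)
		fmt.Printf("%d | current: %s | proposed: %s\n", t,
			classify(th, validateNonNegative), classify(th, validateStrictlyPositive))
	}
}
```

Under the current check a zero threshold is a valid configuration that turns the auto swap off; under the proposed check the same value fails parameter validation.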