Closed code423n4 closed 1 year ago
141345 marked the issue as low quality report
Picodes marked the issue as unsatisfactory: Invalid
" (followTokenOwner != transactionExecutor) would turn out false" -> then followTokenOwner == transactionExecutor
so what is the issue? This is very unclear.
Lines of code
https://github.com/code-423n4/2023-07-lens/blob/main/contracts/FollowNFT.sol#L118-L125
https://github.com/code-423n4/2023-07-lens/blob/main/contracts/FollowNFT.sol#L319-L327
Vulnerability details
Impact
From L118-L125 & L319-L327 of the FollowNFT.sol contract, the unfollow() and _followWithWrappedToken() functions perform 4 and 5 "logical AND" operations (&&) respectively. Using "logical AND" operations in coding is generally seen as strength and intensity, but in these cases it is a weakness! It has more negative effect than positive due to the tough constraints needed to revert when a user/attacker "Does not have Permission", because every one of those conditions must be met before a reversion occurs. To put it in simple terms, an attacker simply needs to pass 1/4 & 1/5 of the "logical AND" operations to complete execution of these functions without reversion.
Proof of Concept
https://github.com/code-423n4/2023-07-lens/blob/main/contracts/FollowNFT.sol#L118-L125
https://github.com/code-423n4/2023-07-lens/blob/main/contracts/FollowNFT.sol#L319-L327
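Added illustration, not part of the report above and not the Lens code base: a Python model of an &&-chained revert guard of the shape the report describes (four negated conditions joined by && in front of a revert). The four conditions, the actor names and the approval flags are constructed for the example. It enumerates every combination of token owner, executor and approval state, reports which calls the guard reverts, and checks the chain against its De Morgan equivalent, the positive "at least one permission holds" form.

```python
from dataclasses import dataclass
from itertools import product

# Constructed stand-in for address(0).
ZERO = "0x0"


@dataclass(frozen=True)
class Call:
    """Constructed view of one unfollow-style call (hypothetical fields)."""
    token_owner: str          # current owner of the follow token, ZERO if none
    executor: str             # the transactionExecutor of the call
    approved_for_all: bool    # owner granted operator approval to executor
    approved_token: bool      # executor holds a per-token approval


def and_chain_guard(c: Call) -> bool:
    """Return True when the guard reverts.

    Every term is a negated permission; the chain reverts only when all of
    them hold, i.e. when the executor has none of the four permissions.
    """
    return (
        c.token_owner != ZERO
        and c.token_owner != c.executor
        and not c.approved_for_all
        and not c.approved_token
    )


def any_permission(c: Call) -> bool:
    """Positive form: at least one of the four permissions holds."""
    return (
        c.token_owner == ZERO
        or c.token_owner == c.executor
        or c.approved_for_all
        or c.approved_token
    )


def all_cases() -> list[Call]:
    """Exhaustive constructed input space: 2 owners x 2 executors x 2 x 2 flags."""
    return [
        Call(owner, executor, afa, at)
        for owner, executor, afa, at in product(
            (ZERO, "alice"), ("alice", "bob"), (False, True), (False, True)
        )
    ]


def reverting_cases() -> list[Call]:
    """The calls the &&-chained guard actually rejects."""
    return [c for c in all_cases() if and_chain_guard(c)]


def chain_matches_positive_form() -> bool:
    """De Morgan check: revert <=> no permission holds, for every case."""
    return all(and_chain_guard(c) == (not any_permission(c)) for c in all_cases())


if __name__ == "__main__":
    for c in all_cases():
        print(f"{c}: {'REVERT' if and_chain_guard(c) else 'allowed'}")
    print("reverting:", len(reverting_cases()), "of", len(all_cases()))
    print("chain == positive form:", chain_matches_positive_form())
```

Run it to see the full table: the only combination the chain rejects is an executor who is not the owner and holds neither approval, which is the caller with no permission at all. Holding any single permission satisfies one term, so the chain does not revert. That is the behaviour of the positive form "allow if any permission holds", written with && over negated terms.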