Closed code423n4 closed 1 year ago
bytes032 marked the issue as duplicate of #1500
bytes032 marked the issue as low quality report
GalloDaSballo marked the issue as unsatisfactory: Overinflated severity
Losing my last few hairs
GalloDaSballo marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2023-08-dopex/blob/main/contracts/core/RdpxV2Core.sol#L403 https://github.com/code-423n4/2023-08-dopex/blob/main/contracts/amo/UniV2LiquidityAmo.sol#L126 https://github.com/code-423n4/2023-08-dopex/blob/main/contracts/amo/UniV3LiquidityAmo.sol#L139
Vulnerability details
Impact
Malicious allowance spenders will be able to spend more than the protocol intended.
Proof of Concept
When modifying the approved allowance of a spender address there is an issue with the spender address front-running the modification transaction and spending it before getting more tokens with the new allowance. This allows such a malicious spender to spend more than intended by the protocol.
Tools Used
Manual Review
Recommended Mitigation Steps
Consider adding a parameter with the current allowance and checking whether it matches the one at the time of executing the transaction.
Here is an example of how a fix can be implemented:
Assessed type
Other