code-423n4 / 2023-09-centrifuge-findings


Some Outgoing functions are not supported on the gateway #764

Closed c4-submissions closed 1 year ago

c4-submissions commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-09-centrifuge/blob/512e7a71ebd9ae76384f837204216f26380c9f91/src/gateway/Gateway.sol#L84

Vulnerability details

Impact

The gateway serves both outgoing and incoming calls. All incoming calls should have corresponding outgoing calls and vice versa. However, some incoming calls like addPool(), allowPoolCurrency(), addTranche() have no corresponding calls via the gateway contract; they cannot be sent. Some outgoing calls like increaseRedeemOrder() have no corresponding incoming call. This is particularly an issue because all these calls have their individual message type, hence it could lead to DoS when trying to receive these functions.

Proof of Concept

All calls here cannot be mapped 1 -> 1; hence some of the incoming functions in handle cannot be sent: https://github.com/code-423n4/2023-09-centrifuge/blob/512e7a71ebd9ae76384f837204216f26380c9f91/src/gateway/Gateway.sol#L200-L366

Tools Used

Manual Review.

Recommended Mitigation Steps

Examine all functions and make sure they all have sender functions and receiver functions.

Assessed type

Error
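One way to carry out the audit the report's mitigation step asks for, as an added example that is not part of the original submission or of the Centrifuge code base: model each end of the bridge by what it sends and what its handle() accepts, and check the pairwise invariant (every type one side emits is a type the other side decodes) instead of requiring a single gateway to be symmetric on its own. The message names are taken from the report; the numeric type IDs and the per-side send/handle tables are constructed assumptions and do not reproduce the real Gateway.sol message set.

```python
"""Cross-chain message-type audit for a gateway pair.

Added example, not code from the Centrifuge repository or the report above.
Message names come from the report; the numeric IDs and the per-side tables
are constructed for illustration and are not the real protocol's message set.
"""
from dataclasses import dataclass
from enum import IntEnum


class MessageType(IntEnum):
    # Constructed IDs; the real protocol's numbering is not reproduced here.
    ADD_POOL = 1
    ALLOW_POOL_CURRENCY = 2
    ADD_TRANCHE = 3
    INCREASE_INVEST_ORDER = 4
    INCREASE_REDEEM_ORDER = 5
    TRANSFER = 6


@dataclass(frozen=True)
class Side:
    """One end of the bridge: the types it can emit and the types its handle() accepts."""
    name: str
    sends: frozenset
    handles: frozenset

    def send(self, mtype: MessageType, payload: bytes = b"") -> bytes:
        """Model of an outbound encoder: leading type byte followed by the payload."""
        if mtype not in self.sends:
            raise ValueError(f"{self.name}: no outbound encoder for {mtype.name}")
        return bytes([mtype]) + payload

    def handle(self, raw: bytes) -> str:
        """Model of a gateway handle(): dispatch on the leading type byte, revert otherwise."""
        if not raw:
            raise ValueError(f"{self.name}: empty message")
        try:
            mtype = MessageType(raw[0])
        except ValueError:
            raise ValueError(f"{self.name}: unknown message type {raw[0]}") from None
        if mtype not in self.handles:
            raise ValueError(f"{self.name}: no inbound handler for {mtype.name}")
        return mtype.name


# Constructed tables (assumption): the EVM gateway only receives pool/tranche
# setup messages and only sends investor-order messages; TRANSFER flows both ways.
EVM = Side(
    "evm-gateway",
    sends=frozenset({MessageType.INCREASE_INVEST_ORDER, MessageType.INCREASE_REDEEM_ORDER, MessageType.TRANSFER}),
    handles=frozenset({MessageType.ADD_POOL, MessageType.ALLOW_POOL_CURRENCY, MessageType.ADD_TRANCHE, MessageType.TRANSFER}),
)
CHAIN = Side(
    "centrifuge-chain",
    sends=frozenset({MessageType.ADD_POOL, MessageType.ALLOW_POOL_CURRENCY, MessageType.ADD_TRANCHE, MessageType.TRANSFER}),
    handles=frozenset({MessageType.INCREASE_INVEST_ORDER, MessageType.INCREASE_REDEEM_ORDER, MessageType.TRANSFER}),
)


def one_sided_types(side: Side) -> dict:
    """Types a single gateway sends but never receives, or receives but never sends.

    This is the asymmetry the report observes; by itself it is not a fault.
    """
    return {"outgoing_only": side.sends - side.handles, "incoming_only": side.handles - side.sends}


def unroutable(sender: Side, receiver: Side) -> frozenset:
    """Types the sender can emit that the receiver's handle() would revert on.

    This is the condition that actually strands messages.
    """
    return sender.sends - receiver.handles


def check_pair(a: Side, b: Side) -> dict:
    """Pairwise invariant: everything one side sends, the other side handles."""
    return {
        f"{a.name}->{b.name}": sorted(t.name for t in unroutable(a, b)),
        f"{b.name}->{a.name}": sorted(t.name for t in unroutable(b, a)),
    }


if __name__ == "__main__":
    print("per-gateway asymmetry:", one_sided_types(EVM))
    print("unroutable across the pair:", check_pair(EVM, CHAIN))
    print("round trip:", EVM.handle(CHAIN.send(MessageType.ADD_POOL, b"\x00\x01")))
```

With the constructed tables, `one_sided_types(EVM)` reports the same asymmetry the report points at, while `check_pair(EVM, CHAIN)` is empty in both directions: nothing either side emits lacks a handler on the other side. Adding a type to one side's `sends` without adding it to the peer's `handles` is what makes `unroutable` non-empty and `handle()` revert.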

c4-pre-sort commented 1 year ago

raymondfam marked the issue as low quality report

c4-pre-sort commented 1 year ago

raymondfam marked the issue as duplicate of #375

c4-judge commented 1 year ago

gzeon-c4 marked the issue as unsatisfactory: Invalid