code-423n4 / 2023-09-delegate-findings


Missing Ownership Check in mint Function #338

Closed c4-submissions closed 1 year ago

c4-submissions commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-09-delegate/blob/main/src/PrincipalToken.sol#L33

Vulnerability details

Description:

The mint function in the PrincipalToken contract lacks a crucial ownership check before allowing token minting. While it correctly checks if the caller is the delegateToken contract to restrict minting to authorized contracts, it doesn't verify if the caller is the owner of the token being minted. This could potentially allow unauthorized users to mint tokens they do not own. The _checkDelegateTokenCaller() function does ensure that only authorized contracts can mint tokens. However, it does not prevent the delegateToken contract from minting tokens to any address, including addresses that do not own the token.

While the _checkDelegateTokenCaller() function ensures that only authorized contracts (like the delegateToken contract) can call the mint function, it doesn't inherently prevent the delegateToken contract from minting tokens to any address, including addresses that do not own the token. The authorization check in this code is based on the caller being the delegateToken contract rather than specifically checking ownership of the token.

Impact

The absence of an ownership check in the mint function has the following potential impacts:

Recommendation

To address this issue and improve the security of the PrincipalToken contract, the following recommendations are made:

Assessed type

Other

c4-judge commented 1 year ago

GalloDaSballo marked the issue as unsatisfactory: Invalid