Closed c4-submissions closed 10 months ago
raymondfam marked the issue as low quality report
raymondfam marked the issue as duplicate of #17
alex-ppg marked the issue as not a duplicate
This check is taken care of by the Gnosis Safe deployer directly, alongside threshold restrictions and other such rudimentary sanitizations against the deployment of a Gnosis Safe.
alex-ppg marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2023-10-brahma/blob/dd0b41031b199a0aa214e50758943712f9f574a0/contracts/src/core/SafeDeployer.sol#L90-L92 https://github.com/code-423n4/2023-10-brahma/blob/dd0b41031b199a0aa214e50758943712f9f574a0/contracts/src/core/SafeDeployer.sol#L82-L103
Vulnerability details
Impact
address(0) is allowed to be an owner of a console account and subAccount
Proof of Concept
In both deployConsoleAccount function and deploySubAccount function in the SafeDeploy contract, there is no check against passing address(0) as owners or part of the owners.
https://github.com/code-423n4/2023-10-brahma/blob/dd0b41031b199a0aa214e50758943712f9f574a0/contracts/src/core/SafeDeployer.sol#L82-L103
https://github.com/code-423n4/2023-10-brahma/blob/dd0b41031b199a0aa214e50758943712f9f574a0/contracts/src/core/SafeDeployer.sol#L90-L92
Tools Used
Manual review
Recommended Mitigation Steps
I suggest a check against having address(0) as an owner.
Assessed type
Other