code-423n4 / 2023-10-canto-findings

Access control vulnerability due to dismissive git & test politics #280

Closed by c4-submissions 1 year ago

c4-submissions commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-10-canto/blob/main/canto_ambient/contracts/callpaths/LiquidityMiningPath.sol#L65-L81

Vulnerability details

Impact

High risk access control vulnerability due to overutilizing rewards logic

Proof of Concept

https://github.com/code-423n4/2023-10-canto/blob/main/canto_ambient/contracts/callpaths/LiquidityMiningPath.sol#L65-L81

Commenting out accessibility checks may lead to overutilizing existing rewards logic

Tools Used

Manual review

Recommended Mitigation Steps

git diff, test coverage, code review

Assessed type

Access Control

c4-pre-sort commented 1 year ago

141345 marked the issue as duplicate of #4

c4-pre-sort commented 1 year ago

141345 marked the issue as sufficient quality report

c4-judge commented 1 year ago

dmvt marked the issue as unsatisfactory: Invalid