search

code-423n4 / 2023-10-ethena-findings

5 stars 5 forks source link

Missing Implementation of ERC-165 Interface in `USDeSilo` Contract #294

Open c4-submissions opened 10 months ago

c4-submissions commented 10 months ago

Lines of code

https://github.com/code-423n4/2023-10-ethena/blob/main/contracts/USDeSilo.sol#L12

Vulnerability details

Impact

The USDeSilo contract lacks the implementation of the supportsInterface(bytes4) function, a standard requirement specified by ERC-165. This omission could potentially hinder interoperability with other contracts and applications that rely on this interface detection mechanism. Without this function, external contracts may face challenges in determining the capabilities of the USDeSilo contract, leading to limited integration possibilities.

Proof of Concept

Output form slither:

# Check USDeSilo

## Check functions
[ ] supportsInterface(bytes4) is missing

Tools Used

VS Code, Slither

Recommended Mitigation Steps

To resolve this issue, the contract owner should implement the supportsInterface(bytes4) function as per the ERC-165 standard. The function should return true for the ERC-165 interface identifier and any other relevant interfaces used by the contract, such as ERC-20 and other custom interfaces. By implementing this function, the contract will comply with the ERC-165 standard, ensuring seamless integration and interaction with other Ethereum contracts and applications.

Assessed type

Other

c4-pre-sort commented 10 months ago

raymondfam marked the issue as low quality report

c4-pre-sort commented 10 months ago

raymondfam marked the issue as primary issue

raymondfam commented 10 months ago

Informational. QA at best.

c4-judge commented 10 months ago

fatherGoose1 changed the severity to QA (Quality Assurance)

c4-judge commented 10 months ago

fatherGoose1 marked the issue as grade-b