search

code-423n4 / 2023-10-nextgen-findings

5 stars 3 forks source link

Uses a dangerous strict equality can affect the logic and security of a contract #1655

Closed c4-submissions closed 10 months ago

c4-submissions commented 11 months ago

Lines of code

https://github.com/code-423n4/2023-10-nextgen/blob/main/smart-contracts/XRandoms.sol#L28

Vulnerability details

Impact

Use of strict equalities that can be easily manipulated by an attacker.

Proof of Concept

Using strict equalities to determine if an account has enough Ether or tokens (something that can be easily manipulated by an attacker) can lead to unexpected outcomes. For example, an attacker can send a very small amount of Ether (less than 1 wei) to a contract that checks if the balance is equal to a certain amount, and trigger a condition that should not be met.

Link :- https://github.com/code-423n4/2023-10-nextgen/blob/main/smart-contracts/XRandoms.sol#L28 ''' function getWord(uint256 id) private pure returns (string memory) {

    // array storing the words list
    string[100] memory wordsList = ["Acai", "Ackee", "Apple", "Apricot", "Avocado", "Babaco", "Banana", "Bilberry", "Blackberry", "Blackcurrant", "Blood Orange", 
    "Blueberry", "Boysenberry", "Breadfruit", "Brush Cherry", "Canary Melon", "Cantaloupe", "Carambola", "Casaba Melon", "Cherimoya", "Cherry", "Clementine", 
    "Cloudberry", "Coconut", "Cranberry", "Crenshaw Melon", "Cucumber", "Currant", "Curry Berry", "Custard Apple", "Damson Plum", "Date", "Dragonfruit", "Durian", 
    "Eggplant", "Elderberry", "Feijoa", "Finger Lime", "Fig", "Gooseberry", "Grapes", "Grapefruit", "Guava", "Honeydew Melon", "Huckleberry", "Italian Prune Plum", 
    "Jackfruit", "Java Plum", "Jujube", "Kaffir Lime", "Kiwi", "Kumquat", "Lemon", "Lime", "Loganberry", "Longan", "Loquat", "Lychee", "Mammee", "Mandarin", "Mango", 
    "Mangosteen", "Mulberry", "Nance", "Nectarine", "Noni", "Olive", "Orange", "Papaya", "Passion fruit", "Pawpaw", "Peach", "Pear", "Persimmon", "Pineapple", 
    "Plantain", "Plum", "Pomegranate", "Pomelo", "Prickly Pear", "Pulasan", "Quine", "Rambutan", "Raspberries", "Rhubarb", "Rose Apple", "Sapodilla", "Satsuma", 
    "Soursop", "Star Apple", "Star Fruit", "Strawberry", "Sugar Apple", "Tamarillo", "Tamarind", "Tangelo", "Tangerine", "Ugli", "Velvet Apple", "Watermelon"];

    // returns a word based on index
  @>  if (id==0) {
        return wordsList[id];
    } else {
        return wordsList[id - 1];
    }
    }

'''

Tools Used

Recommended Mitigation Steps

Don't use strict equality to determine if an account has enough Ether or tokens. To avoid this vulnerability, you should use inequalities or SafeMath library to compare balances or amounts. For example, instead of using require(balance == amount), you should use require(balance >= amount) or require(balance.sub(amount) >= 0)

Assessed type

Other

c4-pre-sort commented 10 months ago

141345 marked the issue as insufficient quality report

alex-ppg commented 10 months ago

The Warden specifies that strict equalities should not be utilized, however, they fail to articulate why the equality referenced could lead to the formation of any form of attack.

c4-judge commented 10 months ago

alex-ppg marked the issue as unsatisfactory: Insufficient proof