The creator can perform a DoS attack which will make users unable to buy tokens
Description:
On each call, the function buyToken in ERC20TokenEmitter.sol sends a cut of the funds to the creator's address by using .call{...}. If the creator decides, they have the power to make the function unusable by making their fallback function always revert.
Proof of Concept:
Since a part of the cut is sent to the creator's address by calling their fallback function each time the buyToken is executed by using .call{}(which calls the receiver's fallback function) they have the power to make the buying impossible by making sure that their fallback function reverts every time that it is called. Users will not be able to buy tokens.
ERC20TokenEmitter.sol
The creator's cut is being sent to them by calling their fallback function.
This makes the contract vulnerable to a DoS attack.
Consider using .transfer or making a creator's balance and a separate function that will allow the creator to withdraw their funds. By doing so, the function for buying tokens will only be responsible for its purpose and everyone else that should receive a cut will be able to withdraw their funds separately.
Lines of code
https://github.com/code-423n4/2023-12-revolutionprotocol/blob/main/packages/revolution/src/ERC20TokenEmitter.sol#L196
Vulnerability details
HIGH
The
creator
can perform a DoS attack which will make users unable to buy tokensDescription:
On each call, the function
buyToken
inERC20TokenEmitter.sol
sends a cut of the funds to the creator's address by using.call{...}
. If thecreator
decides, they have the power to make the function unusable by making their fallback function always revert.Proof of Concept:
Since a part of the cut is sent to the creator's address by calling their fallback function each time the
buyToken
is executed by using.call{}
(which calls the receiver's fallback function) they have the power to make the buying impossible by making sure that their fallback function reverts every time that it is called. Users will not be able to buy tokens.ERC20TokenEmitter.sol
The creator's cut is being sent to them by calling their fallback function. This makes the contract vulnerable to a DoS attack.
The following is a test function proving that the creator can perform a DoS attack and make the buying of tokens impossible.
You can test it by putting this code in the
ERC20TokenEmitter.t.sol
.Tools Used:
Foundry, VS Code
Recommended Mitigation Steps:
Consider using
.transfer
or making a creator's balance and a separate function that will allow the creator to withdraw their funds. By doing so, the function for buying tokens will only be responsible for its purpose and everyone else that should receive a cut will be able to withdraw their funds separately.Assessed type
DoS