code-423n4 / 2024-01-curves-findings


https://github.com/code-423n4/2024-01-curves/blob/516aedb7b9a8d341d0d2666c23780d2bd8a9a600/contracts/Curves.sol#L240-L244 #1489

Closed c4-bot-6 closed 10 months ago

c4-bot-6 commented 10 months ago

Lines of code

https://github.com/code-423n4/2024-01-curves/blob/516aedb7b9a8d341d0d2666c23780d2bd8a9a600/contracts/Curves.sol#L240-L244

Vulnerability details

Impact

Fees are transferred using the _transferFees function when Curves tokens are bought or sold. Inside this function there is an external call to the referral address to transfer their fees. If the referral address is a contract containing a fallback or receive function, they could control the market for their Curves token by adding functionality such as pausing or whitelisting.

Proof of Concept

https://github.com/code-423n4/2024-01-curves/blob/516aedb7b9a8d341d0d2666c23780d2bd8a9a600/contracts/Curves.sol#L240-L244

```solidity
// Excerpt from Curves.sol, _transferFees: the referral fee is pushed with a
// raw call, so the receiver's fallback/receive code runs inside the trade.
(bool success3, ) = referralDefined
    ? referralFeeDestination[curvesTokenSubject].call{value: referralFee}("")
    : (true, bytes(""));
if (!success3) revert CannotSendFunds();
```

Tools Used

Manual Review

Recommended Mitigation Steps

None

Assessed type

Other
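As an added example (not code from the Curves repository), the snippet below shows a pull-payment variant of the referral payout in which a failing external call escrows the fee instead of reverting the trade, so the referral receiver's code cannot gate buys and sells; contract, mapping and function names are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Added example, not the project's code. Names below are assumptions.
contract PullReferralFees {
    // subject token => address that receives referral fees
    mapping(address => address) public referralFeeDestination;
    // referral address => fees escrowed after a failed push
    mapping(address => uint256) public pendingReferralFees;

    event ReferralFeeEscrowed(address indexed referral, uint256 amount);

    error CannotSendFunds();
    error NothingToWithdraw();

    /// Push the fee; on failure, escrow it instead of reverting the trade.
    /// The receiver can still run code, but its revert no longer decides
    /// whether the buy/sell succeeds.
    function _payReferral(address curvesTokenSubject, uint256 referralFee) internal {
        address referral = referralFeeDestination[curvesTokenSubject];
        if (referral == address(0) || referralFee == 0) return;

        (bool ok, ) = referral.call{value: referralFee}("");
        if (!ok) {
            pendingReferralFees[referral] += referralFee;
            emit ReferralFeeEscrowed(referral, referralFee);
        }
    }

    /// Pull path: the referral collects escrowed fees in its own transaction,
    /// so a reverting receiver only blocks itself.
    function withdrawReferralFees() external {
        uint256 amount = pendingReferralFees[msg.sender];
        if (amount == 0) revert NothingToWithdraw();
        pendingReferralFees[msg.sender] = 0; // effects before interaction
        (bool ok, ) = msg.sender.call{value: amount}("");
        if (!ok) revert CannotSendFunds();
    }

    // Lets the contract hold ETH for the escrow path in this example.
    receive() external payable {}
}
```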

c4-pre-sort commented 10 months ago

raymondfam marked the issue as insufficient quality report

c4-pre-sort commented 10 months ago

raymondfam marked the issue as duplicate of #1061

c4-judge commented 9 months ago

alcueca marked the issue as unsatisfactory: Invalid