The Some ERC20 tokens such as USDT and USDC allows blacklisting certain user addresses from transferring tokens. When this blacklisted address is a part of the holders, the distribute(uint256 numDistributions) will revert leading to a denial of service.
Impact
The distribute(uint256 numDistributions) will lead to denial to service
Proof of Concept
Tools Used
Manual Review
Recommended Mitigation Steps
Implement a check for blacklisted address to the distribute(uint256 numDistributions) function.
Lines of code
https://github.com/code-423n4/2024-02-althea-liquid-infrastructure/blob/main/liquid-infrastructure/contracts/LiquidInfrastructureERC20.sol#L198
Vulnerability details
Description
The Some ERC20 tokens such as USDT and USDC allows blacklisting certain user addresses from transferring tokens. When this blacklisted address is a part of the holders, the distribute(uint256 numDistributions) will revert leading to a denial of service.
Impact
The distribute(uint256 numDistributions) will lead to denial to service
Proof of Concept
Tools Used
Manual Review
Recommended Mitigation Steps
Implement a check for blacklisted address to the distribute(uint256 numDistributions) function.
Assessed type
DoS