Closed howlbot-integration[bot] closed 5 months ago
We assume the data is correct, so this should not happen; however, this can apply as QA to make the contract clearer.
koolexcrypto marked the issue as duplicate of #8
koolexcrypto changed the severity to 3 (High Risk)
koolexcrypto changed the severity to QA (Quality Assurance)
koolexcrypto marked the issue as grade-c
Lines of code
https://github.com/code-423n4/2024-05-loop/blob/main/src/PrelaunchPoints.sol#L439
Vulnerability details
Impact
The check in the _validateData function allows address(0) to be the recipient of the ETH received from the swap from the exchange. In that case, both the sell token and the ETH will be lost, and it will also lead to miscalculation of userStake.
Proof of Concept
The check here in this line https://github.com/code-423n4/2024-05-loop/blob/main/src/PrelaunchPoints.sol#L439 will affect the process in the _claim function https://github.com/code-423n4/2024-05-loop/blob/main/src/PrelaunchPoints.sol#L254. The transaction won't revert and will validate the zero address as a recipient; the _fillQuote function will then be called and the swapped tokens will be sent to recipient address(0), which will lead to the loss of both the sell token and the ETH bought.
Tools Used
Manual Review
Recommended Mitigation Steps
Omit the zero address check and allow only the contract address to be the recipient of the ETH bought from the swap:

```solidity
if (recipient != address(this)) {
    revert WrongRecipient(recipient);
}
```
Assessed type
Other