Closed howlbot-integration[bot] closed 3 months ago
0x API gives quotes that are then respected. Validating whole paths is unfeasible due to gas limits. PoC for other vulnerabilities is not provided.
koolexcrypto marked the issue as primary issue
koolexcrypto marked the issue as unsatisfactory: Invalid
Lines of code
https://vscode.dev/github/code-423n4/2024-05-loop/blob/main/src/PrelaunchPoints.sol#L414
Vulnerability details
Impact
The _validateData function conducts preliminary checks on certain parameters, including the input token, input amount, and the selector. However, it does not extend its validation to verify the integrity of the swap path or to confirm the accuracy of the amounts received post-swap. The absence of comprehensive validation could potentially expose the contract to security vulnerabilities, particularly in scenarios where the data provided by the 0x API is inaccurate or subject to manipulation.
Proof of Concept
Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.
Tools Used
Manual
Recommended Mitigation Steps
Validate the swap path to ensure it only includes trusted tokens and exchanges, and verify that the amounts received post-swap match the expected minimums or estimates. Introduce a minBuyAmount parameter to the claim and claimAndStake functions to set a floor for acceptable ETH received. This parameter should be carried through the _validateData and _fillQuote functions to prevent swaps below the minimum threshold.
Assessed type
Invalid Validation
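The following sketch illustrates the mitigation proposed above: a caller-supplied minBuyAmount threaded from claim() through _validateData() and _fillQuote(), with the floor enforced on the measured ETH delta rather than on anything inside the 0x calldata. It is an added example written for this page, not the PrelaunchPoints contract or any other code from the 2024-05-loop repository; the contract name, function signatures, the single accepted selector, and the assumption that the 0x call pays out in native ETH are all illustrative choices. It does not attempt to validate the whole swap path, which the judge comment notes is infeasible within gas limits; it only checks that the net ETH received is not below the floor.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example (not the PrelaunchPoints code). All names are assumptions
// made for illustration: the contract, the single accepted selector and
// the claim()/_validateData()/_fillQuote() shapes.
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function approve(address spender, uint256 amount) external returns (bool);
}

contract MinBuyAmountSketch {
    error WrongSelector(bytes4 received);
    error WrongDataTokens(address inputToken, uint256 inputAmount);
    error SwapCallFailed();
    error InsufficientOutput(uint256 received, uint256 minBuyAmount);

    // Assumed 0x entry point. Only one selector is accepted in this sketch:
    // transformERC20(address,address,uint256,uint256,(uint32,bytes)[]).
    address public immutable exchangeProxy;
    bytes4 public constant TRANSFORM_SELECTOR = 0x415565b0;

    constructor(address _exchangeProxy) {
        exchangeProxy = _exchangeProxy;
    }

    // The caller states the floor they will accept. The contract cannot derive
    // it from the calldata, because any minimum encoded there was chosen by
    // whoever built the quote, which is exactly the input we do not trust.
    function claim(IERC20 token, uint256 amount, uint256 minBuyAmount, bytes calldata data)
        external
        returns (uint256 boughtETH)
    {
        _validateData(address(token), amount, data);
        boughtETH = _fillQuote(token, amount, minBuyAmount, data);
        // ... credit boughtETH worth of lpETH to msg.sender (omitted) ...
    }

    // Preliminary checks only: selector, input token and input amount.
    // These say nothing about the path taken or the amount that comes back.
    function _validateData(address token, uint256 amount, bytes calldata data) internal pure {
        bytes4 selector = bytes4(data[:4]);
        if (selector != TRANSFORM_SELECTOR) revert WrongSelector(selector);

        // Decode the leading static words of transformERC20's arguments;
        // the trailing fields are left unread on purpose.
        (address inputToken, , uint256 inputAmount) =
            abi.decode(data[4:], (address, address, uint256));
        if (inputToken != token || inputAmount != amount) {
            revert WrongDataTokens(inputToken, inputAmount);
        }
    }

    // Execute the quote, then enforce the floor on the ETH actually received.
    // Measuring the balance delta covers any path the quote may have taken.
    function _fillQuote(IERC20 sellToken, uint256 amount, uint256 minBuyAmount, bytes calldata data)
        internal
        returns (uint256 boughtETH)
    {
        uint256 balanceBefore = address(this).balance;

        sellToken.approve(exchangeProxy, amount);
        (bool ok, ) = exchangeProxy.call(data);
        if (!ok) revert SwapCallFailed();

        boughtETH = address(this).balance - balanceBefore;
        if (boughtETH < minBuyAmount) revert InsufficientOutput(boughtETH, minBuyAmount);
    }

    // Needed so the exchange can pay out native ETH to this contract.
    receive() external payable {}
}
```

In practice the caller sets minBuyAmount from the buyAmount in the 0x quote minus an acceptable slippage tolerance, so a quote that is stale, manipulated, or built against an unexpected path reverts instead of settling for less than the user agreed to.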