Closed: howlbot-integration[bot] closed this issue 1 month ago
koolexcrypto changed the severity to QA (Quality Assurance)
koolexcrypto marked the issue as grade-c
This previously downgraded issue has been upgraded by koolexcrypto
koolexcrypto marked the issue as duplicate of #687
koolexcrypto marked the issue as duplicate of #218
koolexcrypto changed the severity to QA (Quality Assurance)
Lines of code
https://github.com/code-423n4/2024-07-traitforge/blob/279b2887e3d38bc219a05d332cbcb0655b2dc644/contracts/EntityForging/EntityForging.sol#L126
Vulnerability details
Impact
Players are consistently overcharged because EntityForging::forgeWithListed has no refund mechanism.
The require condition below accepts any fee equal to or greater than the expected fee, without accounting for the excess being transferred back to the player:

    require(msg.value >= forgingFee, "Insufficient fee for forging");

Transferring the excess back to the player would bring trust and full accountability.
Proof of Concept
The vulnerable line is linked above; note that the protocol fails to account for the excess to be sent back to the player.
Recommended Mitigation
Either change the check to require the exact fee, or implement a check that fully accounts for and refunds the excess funds. Such validation was also used by the protocol to account for excess in TraitForge::mintToken.
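The pattern the finding describes, shown as an added illustration rather than TraitForge's own code: the vulnerable `msg.value >= fee` check that silently keeps the surplus, beside the two mitigations suggested above (an exact-fee check, and a refund of the excess). The contract name, `forgingFee`, `fundsRecipient` and the simplified state update are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not TraitForge code. `forgingFee`, `fundsRecipient`
// and the simplified state update (`forgeCount`) are assumptions.
contract ForgeFeeExample {
    uint256 public forgingFee;
    address payable public immutable fundsRecipient;
    uint256 public forgeCount;

    constructor(uint256 fee, address payable recipient) {
        forgingFee = fee;
        fundsRecipient = recipient;
    }

    // Vulnerable pattern: any msg.value >= forgingFee is accepted and the
    // whole amount is kept, so an overpaying caller is never refunded.
    function forgeVulnerable() external payable {
        require(msg.value >= forgingFee, "Insufficient fee for forging");
        forgeCount++;
        (bool ok, ) = fundsRecipient.call{value: msg.value}("");
        require(ok, "fee transfer failed");
    }

    // Mitigation A: demand the exact fee, so overpayment reverts instead of
    // being absorbed by the protocol.
    function forgeExact() external payable {
        require(msg.value == forgingFee, "Incorrect fee for forging");
        forgeCount++;
        (bool ok, ) = fundsRecipient.call{value: forgingFee}("");
        require(ok, "fee transfer failed");
    }

    // Mitigation B: accept overpayment but return the surplus to the caller.
    // State is updated before any external call (checks-effects-interactions),
    // and both transfers are checked so a failed refund cannot go unnoticed.
    function forgeWithRefund() external payable {
        require(msg.value >= forgingFee, "Insufficient fee for forging");
        uint256 excess = msg.value - forgingFee;
        forgeCount++;
        (bool ok, ) = fundsRecipient.call{value: forgingFee}("");
        require(ok, "fee transfer failed");
        if (excess > 0) {
            (bool refunded, ) = payable(msg.sender).call{value: excess}("");
            require(refunded, "refund failed");
        }
    }
}
```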
Assessed type
Other