Closed howlbot-integration[bot] closed 1 month ago
koolexcrypto changed the severity to QA (Quality Assurance)
koolexcrypto marked the issue as grade-c
This previously downgraded issue has been upgraded by koolexcrypto
koolexcrypto marked the issue as duplicate of #687
koolexcrypto marked the issue as duplicate of #218
koolexcrypto changed the severity to QA (Quality Assurance)
Lines of code
https://github.com/code-423n4/2024-07-traitforge/blob/279b2887e3d38bc219a05d332cbcb0655b2dc644/contracts/EntityForging/EntityForging.sol#L126
Vulnerability details
Impact
The function forgeWithListed has a check that may cause potential loss for Nft owners.
Proof of Concept
In EntityForging.sol contract
forgeWithListed
function can be called by merger owners so that they can forge their Nfts with forger tokens. The following check:ensures that the value provided by the merger owner is greater and equal to the fee set by forger owner.However if merger owner unintentionally (a typo) provide greater than forgingFee, there is no code that refunds the excess amount to the user. Therefore this check is an open door to a possible vulnerability that result in potential loss for merger owners.
Tools Used
Manual Review, Vs Code
Recommended Mitigation Steps
There are 2 possible mitigations: First implement exact amount with the fee. As it is done in EntityTrade contract buyNft Second adjust the code to prevent any potential loss due to overpayment.
Assessed type
Invalid Validation