search

hats-finance / SafeStaking-by-HOPR-0x607386df18b663cf5ee9b879fbc1f32466ad5a85

HOPR is an open incentivized mixnet which enables privacy-preserving point-to-point data exchange. HOPR is similar to Tor but actually private, decentralized and economically sustainable.
https://hoprnet.org
GNU General Public License v3.0
0 stars 1 forks source link

address payable in contract but no means to withdraw Ethers #53

Open hats-bug-reporter[bot] opened 1 year ago

hats-bug-reporter[bot] commented 1 year ago

Github username: -- Submission hash (on-chain): 0x63f3d8b1e124ef3ce4c7437e2d4926aa1c9dadaf3e016bfc75608cbd95cfd6d5 Severity: medium

Description: Description\ The safeProxyAddr made payable for deployed safe proxy contract safeProxy, which allows the contract to accept ether sent to contract but does not have any means to withdraw the funds.

Attack Scenario\ A user may send ethers to the deployed safeProxy contract and will get stuck as the contract does not have means to withdraw the received ethers.

Attachments https://github.com/hoprnet/hoprnet/blob/master/packages/ethereum/contracts/src/node-stake/NodeStakeFactory.sol#L123

  1. Proof of Concept (PoC) File

The clone function in NodeStakeFactory.sol have address payable which allows a user to send ether to the contract.

address payable safeProxyAddr = payable(address(safeProxy));
  1. Revised Code File (Optional)

The first option is to remove payable from safeProxyAddr variable.

-   address payable safeProxyAddr = payable(address(safeProxy));
+   address safeProxyAddr = safeProxy;

The second option is to create a function in NodeStakeFactory.sol contract to withdraw or transfer ethers.

QYuQianchen commented 1 year ago

payable is required in Safe's interface