Missing validation on questionTimeout during MarketFactory creation

hats-finance / SeeR-PM-0x899bc13919880db76edf4ccd72bdfa5dfa666fb7

1 stars 0 forks source link

Missing validation on questionTimeout during MarketFactory creation #108

Open hats-bug-reporter[bot] opened 2 days ago

hats-bug-reporter[bot] commented 2 days ago

Github username: @cpp-phoenix Twitter username: 0xrochimaru Submission hash (on-chain): 0xc07837a551cb803c09ace237966d6a027466387bdbc91485b9f22e31c133ed70 Severity: low

Description: Description\ There is a missing check in the constructor of MarketFactory.sol to ensure questionTimeout > 0. Otherwise createMarket() will revert.

Attack Scenario\ The method realitio.askQuestionWithMinBond() reverts with error timeout must be positive.

Recommendations\ Add the following check in the constructor of MarketFactory.sol.

if(_questionTimeout == 0) {
    revert INVALID_TIMEOUT();
}

greenlucid commented 2 days ago

If realitio is already reverting, what's the point of reverting internally?

cpp-phoenix commented 2 days ago

@greenlucid If MarketFactory reverts then the contract will not be created. The deployer can provide a valid config. But if the factory contact is created with _questionTimeout = 0 then All the createMarket() calls will revert result in an unwanted DoS.

greenlucid commented 2 days ago

A DoS to the network, you mean? Variables setup at deployment of core contracts with obviously wrong values are out of scope, since it would be obvious that no markets can be created and everything would be redeployed again. In the sample deployments you can see it was deployed properly

clesaege commented 1 day ago

As per competition rules, are excluded:

Issues which can arise at deployment time but which didn't arise in the provided deployments.