Open hats-bug-reporter[bot] opened 2 months ago
We're leaving it to the asset managers to decide which tokens, if any, they want to add to the whitelist. This allows users to make an informed decision about depositing into the portfolio, knowing whether there are any whitelisted tokens or if the asset manager could potentially rebalance to any token. Blacklisting is not required from our side. @olaoyesalem
Github username: @olaoyesalem
Twitter username: salthegeek1
Submission hash (on-chain): 0x2122410e3f5dd82a172841c7e603cdd2ff03dba5a87f1f8fcb168e5047c79735
Severity: high
Description
The TokenWhitelistManagement contract does not check if a token address is blacklisted before adding it to the whitelist. This oversight can lead to security and compliance issues by allowing blacklisted or malicious tokens to participate in the platform.

Attack Scenario
The TokenWhitelistManagement contract manages the whitelisting of tokens, ensuring that only authorized tokens are used within the system. The contract initializes with a list of whitelisted tokens and sets the flag for token whitelisting. The relevant functions are as follows:
Operational Risk: Malicious or blacklisted tokens could disrupt the normal operations of the platform, affecting the user experience and trust in the system.
Exploitation Scenario
An attacker identifies a token that is blacklisted but not checked during the whitelisting process. The attacker submits this blacklisted token to be added to the whitelist. The system adds the blacklisted token to the whitelist, allowing it to participate in the platform. The attacker exploits the platform using the blacklisted token, causing potential harm.

Attachments
Proof of Concept (PoC) File
Revised Code File (Optional)
To mitigate this vulnerability, implement a check for blacklisted tokens before adding them to the whitelist. Here's an example of how you can do this:
Add a Blacklist Check: Update the _addTokensToWhitelist function to include a blacklist check.
Maintain a Blacklist: Ensure there is a mechanism to manage and update a blacklist of token addresses.
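The two mitigation steps above (a blacklist check inside _addTokensToWhitelist, plus an owner-managed blacklist) written out as a minimal contract. This is an added illustration, not the project's TokenWhitelistManagement code or the reporter's attachment: only the contract name and the _addTokensToWhitelist function name come from the report; the storage layout, the blacklistedTokens mapping, the onlyOwner access control, the event and error names, and the constructor signature are assumptions made for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example (not the project's code): a minimal whitelist manager that
/// refuses to whitelist a token that is currently blacklisted. Everything
/// except the names TokenWhitelistManagement and _addTokensToWhitelist is an
/// assumption made for this illustration.
contract TokenWhitelistManagementExample {
    address public immutable owner;
    bool public isTokenWhitelisted;                // assumed name for the whitelisting flag
    mapping(address => bool) public whitelistedTokens;
    mapping(address => bool) public blacklistedTokens;

    event TokenWhitelisted(address indexed token);
    event TokenBlacklisted(address indexed token, bool blacklisted);

    error NotOwner();
    error ZeroAddress();
    error TokenIsBlacklisted(address token);

    modifier onlyOwner() {
        if (msg.sender != owner) revert NotOwner();
        _;
    }

    /// The blacklist is recorded before the initial whitelist so that the
    /// constructor's own whitelist entries go through the same check.
    constructor(address[] memory initialTokens, address[] memory initialBlacklist) {
        owner = msg.sender;
        for (uint256 i = 0; i < initialBlacklist.length; i++) {
            _setBlacklisted(initialBlacklist[i], true);
        }
        isTokenWhitelisted = initialTokens.length > 0;
        _addTokensToWhitelist(initialTokens);
    }

    /// Owner-only entry point; all whitelisting funnels through _addTokensToWhitelist.
    function addTokensToWhitelist(address[] calldata tokens) external onlyOwner {
        isTokenWhitelisted = true;
        _addTokensToWhitelist(tokens);
    }

    /// Owner-only blacklist maintenance. Blacklisting a token that is already
    /// whitelisted also removes it from the whitelist, so the two lists cannot
    /// disagree after the fact.
    function setBlacklisted(address token, bool blacklisted) external onlyOwner {
        if (blacklisted && whitelistedTokens[token]) {
            whitelistedTokens[token] = false;
        }
        _setBlacklisted(token, blacklisted);
    }

    function _setBlacklisted(address token, bool blacklisted) internal {
        if (token == address(0)) revert ZeroAddress();
        blacklistedTokens[token] = blacklisted;
        emit TokenBlacklisted(token, blacklisted);
    }

    /// The check the report asks for: every token is rejected if it is on the
    /// blacklist, and the whole batch reverts so no partial whitelist is written.
    function _addTokensToWhitelist(address[] memory tokens) internal {
        for (uint256 i = 0; i < tokens.length; i++) {
            address token = tokens[i];
            if (token == address(0)) revert ZeroAddress();
            if (blacklistedTokens[token]) revert TokenIsBlacklisted(token);
            whitelistedTokens[token] = true;
            emit TokenWhitelisted(token);
        }
    }
}
```

Reverting the whole batch (rather than skipping the offending entry) keeps the on-chain state easy to reason about and gives the caller an explicit TokenIsBlacklisted error to act on; emitting events on both lists lets an off-chain monitor confirm that no address is ever present in both at the same time.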