search

sherlock-audit / 2023-07-blueberry-judging

2 stars 1 forks source link

Oxhunter526 - Inadequate Verification of Collateral Token and ID #70

Closed sherlock-admin2 closed 1 year ago

sherlock-admin2 commented 1 year ago

Oxhunter526

medium

Inadequate Verification of Collateral Token and ID

Summary

The smart contract contains a section of code that fails to adequately verify the compatibility of collateral tokens and their corresponding IDs before updating position data. This oversight could potentially lead to unintended consequences during the collateral addition process.

Vulnerability Detail

Within the function putCollateral, there exists a condition that checks whether the provided collateral token and ID match those stored within the Position structure. The purpose of this check is to ensure the collateral being added aligns with the expected collateral of the given position. However, there are scenarios that could allow this verification to be bypassed.

if (pos.collToken != collToken || pos.collId != collId) {
    // Code executed when collateral token or ID do not match
    // ...
}

The code snippet shows that if the provided collToken or collId does not match the corresponding values stored in the Position, certain actions are taken. However, the lack of a robust verification mechanism allows for potential manipulation of these values, thus bypassing the expected behavior.
Because the verification relies solely on equality checks, there's a potential for malicious actors to modify or manipulate the collToken and collId parameters in a way that makes them appear legitimate while still being different from the stored values. This could lead to bypassing the intended behavior and carrying out actions that should not be allowed.

Impact

A possible impact of this vulnerability is the misrepresentation of collateral tokens associated with a position. Malicious actors could exploit this weakness to falsely update the collateral token and ID for a position, resulting in erroneous calculations, misreporting, and potentially even unauthorized access to the position's benefits.

Code Snippet

( https://github.com/sherlock-audit/2023-07-blueberry/blob/main/blueberry-core/contracts/BlueBerryBank.sol#L841-L870 )

Tool used

Manual Review

Recommendation

Modify the verification code to immediately revert the transaction if the collToken or collId parameters do not match the stored values. This ensures that any attempt to provide mismatched or manipulated data results in the transaction being rejected.

if (pos.collToken != collToken || pos.collId != collId) {
    revert("Invalid collateral token or ID");
}
sherlock-admin2 commented 1 year ago

4 comment(s) were left on this issue during the judging contest.

shogoki commented:

Report is not adequately describing an issue.

0xyPhilic commented:

invalid because even by bypassing and entering the if statement if the pos.collateralSize is greater than 0 it means that it is an invalid operation and the call will revert

darkart commented:

Invalid

Kral01 commented:

need a PoC otherwise remains low severity