Closed sherlock-admin2 closed 8 months ago
1 comment(s) were left on this issue during the judging contest.
auditsea commented:
This issue describes collateral duplication by an admin function call, not important
dany.armstrong90
medium
The collateralToken can be duplicated in LibUbiquityPool.
Summary
The LibUbiquityPool.sol#addCollateralToken function doesn't check for duplication of collateral. So the collateralToken can be duplicated and it is impossible to solve this problem.
Vulnerability Detail
The LibUbiquityPool.sol#addCollateralToken function is as follows.
As we can see above, the newly added collateralAddress is not checked for duplication. But in L642 it sets the collateralIndex of the newly added collateralAddress. So if you add the same collateral twice, poolStorage.collateralIndex[collateralAddress] indicates the index added second. Therefore, in LibUbiquityPool.sol#collateralInformation, setCollateralChainLinkPriceFeed it is impossible to operate with the collateralIndex added first and we cannot delete that index.
Impact
The collateral can be duplicated so it can cause unexpected errors.
Code Snippet
https://github.com/sherlock-audit/2023-12-ubiquity/blob/main/ubiquity-dollar/packages/contracts/src/dollar/libraries/LibUbiquityPool.sol#L639-L642
Tool used
Manual Review
Recommendation
The LibUbiquityPool.sol#addCollateralToken function has to check for duplication of collateral as follows.
Duplicate of #27
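Added example (not part of the original report and not the project's code): a minimal Solidity model of the index overwrite described under Vulnerability Detail, beside a variant that rejects a repeated address. The contract name, `collaterals`, `isListed`, the custom error and all function names are assumptions made for illustration; access control is omitted.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added illustration, not the Ubiquity code: an append-only collateral list
// plus an address -> index lookup. `collaterals`, `isListed` and the function
// names are hypothetical; the real function is admin-only, which is not modelled.
contract CollateralRegistryModel {
    address[] public collaterals;
    mapping(address => uint256) public collateralIndex;
    mapping(address => bool) public isListed;

    error CollateralAlreadyAdded(address collateral);

    // Unchecked variant: models the behaviour the report describes.
    function addUnchecked(address collateral) external {
        uint256 index = collaterals.length;
        collaterals.push(collateral);
        // A second call with the same address overwrites the stored index,
        // so the first slot can no longer be reached through the lookup.
        collateralIndex[collateral] = index;
    }

    // Checked variant: reject an address that is already listed.
    // A separate flag is used because a collateralIndex value of 0 means
    // both "first entry" and "never set", so it cannot signal absence.
    function addChecked(address collateral) external {
        if (isListed[collateral]) revert CollateralAlreadyAdded(collateral);
        isListed[collateral] = true;
        collateralIndex[collateral] = collaterals.length;
        collaterals.push(collateral);
    }

    // Number of slots holding `collateral`; anything above 1 is a duplicate.
    function slotsFor(address collateral) external view returns (uint256 n) {
        for (uint256 i = 0; i < collaterals.length; i++) {
            if (collaterals[i] == collateral) n++;
        }
    }
}
```

Calling `addUnchecked` twice with one address leaves `slotsFor` at 2 while `collateralIndex` points only at the second slot; the same two calls to `addChecked` revert on the second.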