mTOFT.wrap()/unwrap() It is not correct to restrict only balancers can call;
Vulnerability Detail
docs:
"mTOFT" or "Meta-tOFT" are an extension of the tOFT which act as a "liquidity reunification wrapper", for assets deployed on multiple blockchains such as mtETH. Meta tOFT offers the ability for users to deposit WETH from Ethereum, Optimism, and Arbitrum in one market via mtWETH.
Wrapping ETH from any non-host chain (non-Arbitrum) bears a 0.5% mint fee in order to protect the protocol from cross chain arbitrage. Secondarily, mTOFT has a "mint cap" which caps the total amount of mtETH which can be minted at one time, which is equivalent to the usable amount in Big Bang, or equal to the mtETH Big Bang market debt ceiling.
There should be no permission restrictions on this, but at present, the restrictions can only be balancers'
function wrap(address _fromAddress, address _toAddress, uint256 _amount)
external
payable
whenNotPaused
nonReentrant
returns (uint256 minted)
{
@> if (balancers[msg.sender]) revert mTOFT_BalancerNotAuthorized();
if (!connectedChains[_getChainId()]) revert mTOFT_NotHost();
if (mintCap > 0) {
if (totalSupply() + _amount > mintCap) revert mTOFT_CapNotValid();
}
...
function unwrap(address _toAddress, uint256 _amount) external nonReentrant whenNotPaused {
if (!connectedChains[_getChainId()]) revert mTOFT_NotHost();
@> if (balancers[msg.sender]) revert mTOFT_BalancerNotAuthorized();
_unwrap(_toAddress, _amount);
}
Impact
Wrong permission limit, other users can't execute it.
bin2chen
medium
mTOFT.wrap/unwrap incorrect permission restriction
Summary
mTOFT.wrap()/unwrap()
It is not correct to restrict only balancers can call;Vulnerability Detail
docs:
There should be no permission restrictions on this, but at present, the restrictions can only be balancers'
Impact
Wrong permission limit, other users can't execute it.
Code Snippet
https://github.com/sherlock-audit/2024-02-tapioca/blob/main/TapiocaZ/contracts/tOFT/mTOFT.sol#L294
Tool used
Manual Review
Recommendation