mgf15
medium
Owner can steal user funds
Summary
The vulnerability lies in the ability of an owner to add a user to the blacklist and potentially seize their funds. This could lead to a loss of trust in the protocol among users.
Vulnerability Detail
The addBlackList function allows an owner holding the BLACKLISTER_ROLE to add a user to the blacklist without any check for user consent or safeguard against unauthorized actions. The _onceBlacklisted hook then sends the user's funds to that owner, the holder of the BLACKLISTER_ROLE.
Impact
Users may lose trust in the protocol due to the risk of having their funds seized without proper justification or recourse.
Code Snippet
```solidity
function addBlackList(
    address user
) public virtual onlyRole(BLACKLISTER_ROLE) {
    if (blacklisted(user)) revert AlreadyBlacklisted(user);
    _setBlacklist(user, true);
    _onceBlacklisted(user);
    emit AddedBlacklist(user);
}
```
Tool used
Manual Review
Recommendation
Consider implementing a refund mechanism to compensate users if they are removed from the blacklist. Additionally, introduce checks and balances to ensure that blacklisting actions are justified and transparent, and provide users with the ability to dispute unjust blacklisting.
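As an added illustration (not the audited project's code), the following stand-alone Solidity contract sets the hook behaviour the finding describes beside an escrow-and-refund variant of the recommendation; the role check, balance mapping, event payloads and the removeBlackList name are simplified assumptions:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the audited project's code. Roles and balances are
// modelled with plain mappings (hypothetical stand-ins for AccessControl/ERC20).
contract EscrowingBlacklist {
    bytes32 public constant BLACKLISTER_ROLE = keccak256("BLACKLISTER_ROLE");
    mapping(address => bool) public hasRole;     // assumption: single-role check
    mapping(address => uint256) public balanceOf;
    mapping(address => bool) private _blacklisted;
    mapping(address => uint256) public escrowed; // frozen funds stay keyed to the user
    error AlreadyBlacklisted(address user);
    error NotBlacklisted(address user);
    event AddedBlacklist(address indexed user, uint256 frozen);
    event RemovedBlacklist(address indexed user, uint256 refunded);
    constructor() { hasRole[msg.sender] = true; }
    modifier onlyRole(bytes32) { require(hasRole[msg.sender], "missing role"); _; }
    function blacklisted(address user) public view returns (bool) { return _blacklisted[user]; }

    // Behaviour the finding describes: the hook credits the user's balance to the
    // blacklister. Shown only as the "before" form for contrast.
    function _onceBlacklistedUnsafe(address user) internal {
        uint256 amount = balanceOf[user];
        balanceOf[user] = 0;
        balanceOf[msg.sender] += amount; // role holder receives the funds
    }

    // Hardened hook: funds are frozen in contract-held escrow, still attributed to
    // the user, so the role holder never gains custody.
    function _onceBlacklisted(address user) internal returns (uint256 amount) {
        amount = balanceOf[user];
        balanceOf[user] = 0;
        escrowed[user] += amount;
    }

    function addBlackList(address user) public virtual onlyRole(BLACKLISTER_ROLE) {
        if (blacklisted(user)) revert AlreadyBlacklisted(user);
        _blacklisted[user] = true;
        uint256 frozen = _onceBlacklisted(user);
        emit AddedBlacklist(user, frozen);
    }

    // Refund path from the recommendation: removal returns the escrowed balance.
    function removeBlackList(address user) public virtual onlyRole(BLACKLISTER_ROLE) {
        if (!blacklisted(user)) revert NotBlacklisted(user);
        _blacklisted[user] = false;
        uint256 refund = escrowed[user];
        escrowed[user] = 0;
        balanceOf[user] += refund;
        emit RemovedBlacklist(user, refund);
    }
}
```

The escrowed mapping also gives reviewers and users an on-chain record of exactly what was frozen, which is what a dispute process would need to verify.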