search

sherlock-audit / 2024-04-titles-judging

9 stars 6 forks source link

recursiveEth - Title: Access Control Vulnerability in createEdge Function Allows Unauthorized Edge Creation #412

Closed sherlock-admin3 closed 4 months ago

sherlock-admin3 commented 5 months ago

recursiveEth

medium

Title: Access Control Vulnerability in createEdge Function Allows Unauthorized Edge Creation

Summary

The createEdge function lacks access control, allowing any address to call it and create edges. However, related functions such as createEdges have access control implemented through the onlyRolesOrOwner(ADMIN_ROLE) modifier.

Vulnerability Detail

The vulnerability lies in the createEdge function, where there is no access control check. This means any external address can call the function and create edges in the graph without restriction.

Impact

The lack of access control in the createEdge function can lead to unauthorized creation of edges by any address, potentially disrupting the integrity of the graph data.

Code Snippet

https://github.com/sherlock-audit/2024-04-titles/blob/main/wallflower-contract-v2/src/graph/TitlesGraph.sol#L64

function createEdge(
    Node calldata from_,
    Node calldata to_,
    bytes calldata data_
) external override returns (Edge memory edge) {
    if (!_isEntity(from_, msg.sender)) revert Unauthorized();
    return _createEdge(from_, to_, data_);
}

Tool used

Manual Review

Recommendation

Implement access control in the createEdge function to ensure that only authorized entities can create edges. This could involve applying the same access control mechanism (onlyRolesOrOwner(ADMIN_ROLE)) used in the createEdges function.

ccashwell commented 5 months ago

Not valid, this is expected behavior. Any entity can create edges where the from is representing the caller, which functions as designed.