search

sherlock-audit / 2024-05-pooltogether-judging

2 stars 0 forks source link

newt - Missing Authorization Check in `delegate` Function #155

Closed sherlock-admin2 closed 1 month ago

sherlock-admin2 commented 1 month ago

newt

medium

Missing Authorization Check in delegate Function

Summary

The delegate function allows msg.sender to initiate a delegation from _vault to _to without verifying if msg.sender has the necessary permissions or role to perform this action on behalf of _vault.

Vulnerability Detail

Any user can call the delegate function and delegate authority from _vault to any address, leading to unauthorized changes

Impact

This can lead to unauthorized users being able to delegate authority

Code Snippet

function delegate(address _vault, address _to) external { _delegate(_vault, msg.sender, _to); }

https://github.com/sherlock-audit/2024-05-pooltogether/blob/main/pt-v5-twab-controller/src/TwabController.sol#L524-L526

Tool used

Manual Review

Recommendation

Ensure that msg.sender has the necessary permissions to delegate on behalf of _vault and include an error to handle unauthorized calls.

nevillehuang commented 1 month ago

Invalid, access control is gated to caller of delegation represented by msg.sender