search

sherlock-audit / 2024-06-allora-judging

0 stars 0 forks source link

LZ_security - Malicious Whitelist Admin can prevent itself from being deleted #113

Closed sherlock-admin2 closed 4 months ago

sherlock-admin2 commented 4 months ago

LZ_security

Medium

Malicious Whitelist Admin can prevent itself from being deleted

Summary

Malicious Whitelist Admin can prevent itself from being deleted

Vulnerability Detail

Adding a Whitelist Admin checks whether the admin is in the list, and removing the Whitelist also checks whether the admin is in the list.

After an admin is added to the admin list, you can add or remove other admins.

If there is an admin who is malicious, he can make himself never removed by:

  1. Add one of his other accounts to the admin list, and if he is removed, he will be added back to the other account.

  2. If he finds that another admin(adminX) wants to remove himself, he will remove adminX first. After adminX is removed, he cannot remove himself without permission.

Impact

Malicious Admin cannot be deleted

Code Snippet

https://github.com/sherlock-audit/2024-06-allora/blob/main/allora-chain/x/emissions/keeper/msgserver/msg_server_whitelist.go#L9-L49

Tool used

Manual Review

Recommendation

Modify the admin management mode.

sherlock-admin3 commented 4 months ago

1 comment(s) were left on this issue during the judging contest.

0xmystery commented:

README mentions that "All admins are super admins in that they can add and remove each other. All risks associated with that are acceptable risks."