Closed sherlock-admin4 closed 1 week ago
1 comment(s) were left on this issue during the judging contest.
Hash01011122 commented:
Low/Info Vulnerability
The protocol team fixed this issue in the following PRs/commits: https://github.com/SYMM-IO/protocol-core/pull/55
The Lead Senior Watson signed off on the fix.
slowfi
Medium
sendQuote function may always revert
Summary
The new sendQuote function will always revert, as PartyAFacetImpl.sol checks on PartyAFacetImpl.sol#L72 that is a valid affiliate. There is no task or script that registers address(0) as a valid affiliate. Also, creating a valid affiliate with address zero may lead to improper storage of collected fees.
Vulnerability Detail
The sendQuoteWithAffiliate function is designed to handle fee distribution by specifying an affiliate address. However, the previous function sendQuote forces the affiliate address to be zero. Due to the check at L72 on PartyAFacetImpl.sol, the function reverts if the affiliate is not valid. Since address(0) cannot be a valid affiliate, this scenario causes the function to fail. Moreover, attempting to create a valid affiliate with address zero would result in improper fee storage, leading to fees being stored on the storage of the zero address.
Impact
Lack of intended operation functionality and/or improper fee handling.
Code Snippet
sendQuote calls `` with address(0) as affiliate. PartyAFacet.sol#L132
sendQuote of implementation facet that may revert PartyAFacetImpl.sol#L72
Tool used
Manual Review
Recommendation
Consider removing this function, or creating another workflow for address zero affiliates.
Duplicate of #22
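The call pattern described in the report, as an added Solidity sketch that is not the protocol's code and not part of the original issue: a legacy wrapper forwards address(0) into a strict affiliate check and therefore always reverts, next to one possible zero-affiliate workflow. Everything except the names sendQuote and sendQuoteWithAffiliate (the contract, the mappings, defaultFeeCollector, sendQuoteNoAffiliate, the error strings) is an assumption made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

// Constructed sketch; all names except sendQuote and sendQuoteWithAffiliate
// are hypothetical and do not come from the audited code base.
contract QuoteSketch {
    address public owner = msg.sender;
    address public defaultFeeCollector;            // assumed fallback fee recipient
    mapping(address => bool) public affiliateStatus;
    mapping(address => uint256) public feesOwed;   // fees accrued per recipient

    constructor(address collector) {
        require(collector != address(0), "zero collector");
        defaultFeeCollector = collector;
    }

    function setAffiliate(address affiliate, bool status) external {
        require(msg.sender == owner, "not owner");
        // Refusing address(0) keeps fees from being booked to the zero address.
        require(affiliate != address(0), "zero affiliate");
        affiliateStatus[affiliate] = status;
    }

    // Legacy entry point as reported: always forwards address(0).
    function sendQuote(uint256 fee) external returns (address) {
        return _sendQuoteStrict(address(0), fee);
    }

    function sendQuoteWithAffiliate(address affiliate, uint256 fee) external returns (address) {
        return _sendQuoteStrict(affiliate, fee);
    }

    // Reported behaviour: the validity check rejects address(0), so the
    // sendQuote wrapper above reverts on every call.
    function _sendQuoteStrict(address affiliate, uint256 fee) internal returns (address) {
        require(affiliateStatus[affiliate], "invalid affiliate");
        feesOwed[affiliate] += fee;
        return affiliate;
    }

    // One possible zero-affiliate workflow: no affiliate is looked up and the
    // fee is booked to the default collector instead of address(0).
    function sendQuoteNoAffiliate(uint256 fee) external returns (address recipient) {
        recipient = defaultFeeCollector;
        feesOwed[recipient] += fee;
    }
}
```

A regression test for this pattern would assert that sendQuote reverts with the affiliate error while sendQuoteNoAffiliate credits defaultFeeCollector and leaves feesOwed[address(0)] at zero.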