[med] Allowing admin_authority to create RebateInfo will create DoS for ClaimRebateFee instruction
Summary
This issue is from rebate_manager program.
The CreateRebateInfo instruction allows admin_authority, in addition to authority, to create RebateInfo accounts. Meanwhile, the ClaimRebateFee context verifies rebate_info with the check rebate_info.authority == rebate_manager.authority. RebateInfo accounts created by rebate_manager.admin_authority therefore fail this check, and the affected users cannot claim their rebate.
Root Cause
The root cause is the contradiction between:
Allowing admin_authority to create RebateInfo accounts via the CreateRebateInfo instruction.
Checking rebate_info.authority == rebate_manager.authority in the ClaimRebateFee instruction.
Internal pre-conditions
No response
External pre-conditions
No response
Attack Path
If a RebateInfo is created by admin_authority,
the ClaimRebateFee instruction fails for that RebateInfo.
Impact
DoS for the RebateInfos if they are created by the admin_authority.
Hot Paisley Copperhead
Medium
PoC
CreateRebateInfo - https://github.com/sherlock-audit/2024-08-woofi-solana-deployment/blob/main/WOOFi_Solana/programs/rebate_manager/src/instructions/admin/create_rebate_info.rs#L16-L17
ClaimRebateFee - https://github.com/sherlock-audit/2024-08-woofi-solana-deployment/blob/main/WOOFi_Solana/programs/rebate_manager/src/instructions/claim_rebate_fee.rs#L26
Mitigation
Allow rebate_manager.admin_authority as well for rebate_info.authority in the ClaimRebateFee instruction.
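The following is an added illustration, not code from the WOOFi rebate_manager program: a plain-Rust model of the two constraints the report describes, so the contradiction and the proposed mitigation can be exercised without the Solana or Anchor crates. The Pubkey stand-in, the account field names other than authority and admin_authority, the error variants and the constructed keys are all assumptions made for the example.

```rust
// Added illustration (not the WOOFi rebate_manager program's own code): a
// plain-Rust model of the CreateRebateInfo and ClaimRebateFee constraints the
// report describes. Account shapes, field names beyond `authority` and
// `admin_authority`, and the error variants are assumptions for the example.

/// Stand-in for solana_program::pubkey::Pubkey so the example runs without
/// the Solana crates (assumption for the example).
#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub struct Pubkey(pub [u8; 32]);

impl Pubkey {
    /// Constructed key for the example: every byte set to `seed`.
    pub fn from_seed(seed: u8) -> Self {
        Pubkey([seed; 32])
    }
}

/// Modelled rebate_manager account: two distinct privileged keys.
#[derive(Debug)]
pub struct RebateManager {
    pub authority: Pubkey,
    pub admin_authority: Pubkey,
}

/// Modelled rebate_info account. `authority` records which privileged key
/// signed CreateRebateInfo; `rebate_authority` (name assumed) is the user
/// entitled to claim.
#[derive(Debug)]
pub struct RebateInfo {
    pub authority: Pubkey,
    pub rebate_authority: Pubkey,
}

#[derive(Debug, PartialEq, Eq)]
pub enum RebateError {
    /// CreateRebateInfo signer is neither authority nor admin_authority.
    Unauthorized,
    /// ClaimRebateFee rejected the rebate_info account (the check the
    /// report points at).
    InvalidRebateInfo,
}

/// CreateRebateInfo as described: either privileged key may sign, and the
/// signer is recorded as rebate_info.authority.
pub fn create_rebate_info(
    manager: &RebateManager,
    signer: Pubkey,
    user: Pubkey,
) -> Result<RebateInfo, RebateError> {
    if signer != manager.authority && signer != manager.admin_authority {
        return Err(RebateError::Unauthorized);
    }
    Ok(RebateInfo { authority: signer, rebate_authority: user })
}

/// ClaimRebateFee's account check as reported: only rebate_manager.authority
/// is accepted, so admin-created RebateInfo accounts can never be claimed.
pub fn claim_rebate_fee_check_reported(
    manager: &RebateManager,
    info: &RebateInfo,
) -> Result<(), RebateError> {
    if info.authority != manager.authority {
        return Err(RebateError::InvalidRebateInfo);
    }
    Ok(())
}

/// The report's mitigation: accept admin_authority as well, so the claim
/// check matches the set of keys CreateRebateInfo allows.
pub fn claim_rebate_fee_check_mitigated(
    manager: &RebateManager,
    info: &RebateInfo,
) -> Result<(), RebateError> {
    if info.authority != manager.authority && info.authority != manager.admin_authority {
        return Err(RebateError::InvalidRebateInfo);
    }
    Ok(())
}

/// Runs the Attack Path scenario: a RebateInfo created by admin_authority is
/// then checked by both versions of ClaimRebateFee. Returns (reported, mitigated).
pub fn admin_created_claim_outcomes() -> (Result<(), RebateError>, Result<(), RebateError>) {
    let manager = RebateManager {
        authority: Pubkey::from_seed(1),
        admin_authority: Pubkey::from_seed(2),
    };
    let user = Pubkey::from_seed(9);
    let info = create_rebate_info(&manager, manager.admin_authority, user)
        .expect("admin_authority is allowed to create");
    (
        claim_rebate_fee_check_reported(&manager, &info),
        claim_rebate_fee_check_mitigated(&manager, &info),
    )
}

fn main() {
    let (reported, mitigated) = admin_created_claim_outcomes();
    println!("admin-created RebateInfo, reported check:  {:?}", reported);
    println!("admin-created RebateInfo, mitigated check: {:?}", mitigated);
}
```

Running it shows the reported check returning InvalidRebateInfo for the admin-created account while the mitigated check accepts it; a RebateInfo created by authority passes both, so widening the claim-side check does not loosen anything for accounts that already worked.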