0xpetern
Medium
Lack of a check on whether an address is compromised, allowing a malicious address to be invited
Summary
The missing check in inviteAddress allows a compromised address to be invited and thereby to create a new profile.
For instance, if a profile is found to be malicious and is flagged, the address that was used to create that profile should not be able to create another profile through an invite. If it is allowed to, the attacker can simply re-enter the protocol under a fresh profile and continue to harm users.
Root Cause
In ethosProfile.sol:208, there is no check that the address being invited is not a compromised or malicious address: https://github.com/sherlock-audit/2024-10-ethos-network/blob/main/ethos/packages/contracts/contracts/EthosProfile.sol#L208
Internal pre-conditions
No response
External pre-conditions
No response
Attack Path
No response
Impact
1. This breaks the rule stated in the EthosProfile technical doc: "The address must not be compromised or already associated with another profile."
2. It opens the protocol to fraudulent activity, since an address tied to a flagged profile can be invited back and create a new profile.
PoC
No response
Mitigation
Implement a check in the inviteAddress function that explicitly rejects an invitee that is compromised or that is associated with a profile that has been marked as malicious, and apply the same check when the invite is accepted so that an address flagged after being invited still cannot create a profile.
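The following is an added illustration of the mitigation, written for this page; it is not EthosProfile's code and does not reproduce its storage layout. The contract name, the error names, the admin-driven flagAddress flow and the mappings profileIdByAddress, isAddressCompromised and invitedBy are assumptions chosen for the example. It places the unchecked invite path next to the guarded one so the scenario from the report (a flagged address whose profile link has been cleared) can be exercised directly.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative contract, not EthosProfile. The storage names, error names and the
// admin flow below are assumptions chosen for this example only.
contract InviteGuardExample {
    error ZeroAddress();
    error NotAdmin(address caller);
    error NotInvited(address caller);
    error NotAProfileOwner(address caller);
    error AddressCompromised(address addr);
    error AddressAlreadyHasProfile(address addr, uint256 profileId);

    address public immutable admin;
    uint256 public profileCount;

    mapping(address => uint256) public profileIdByAddress; // 0 = no profile
    mapping(address => bool) public isAddressCompromised;   // flagged addresses
    mapping(address => uint256) public invitedBy;           // invitee => inviter profile id

    constructor() {
        admin = msg.sender;
    }

    modifier onlyAdmin() {
        if (msg.sender != admin) revert NotAdmin(msg.sender);
        _;
    }

    // Seeds a profile so there is an inviter to act from.
    function createProfile(address owner) external onlyAdmin returns (uint256 id) {
        _requireInvitable(owner);
        id = ++profileCount;
        profileIdByAddress[owner] = id;
    }

    // Admin flags an address after its profile was found malicious: the link to the
    // old profile is cleared (so "has no profile" becomes true again) and the address
    // is recorded as compromised. This is the state the report's scenario describes.
    function flagAddress(address addr) external onlyAdmin {
        delete profileIdByAddress[addr];
        isAddressCompromised[addr] = true;
    }

    // Before: only "does this address already have a profile?" is checked, so a
    // flagged address whose profile link was cleared is accepted again.
    function inviteAddressUnchecked(address invitee) external {
        if (invitee == address(0)) revert ZeroAddress();
        uint256 existing = profileIdByAddress[invitee];
        if (existing != 0) revert AddressAlreadyHasProfile(invitee, existing);
        invitedBy[invitee] = _inviterProfile();
    }

    // After: the invitee must be neither compromised nor bound to any profile,
    // which is the documented rule for inviteAddress.
    function inviteAddress(address invitee) external {
        _requireInvitable(invitee);
        invitedBy[invitee] = _inviterProfile();
    }

    // Accepting an invite re-runs the same guard, so an address flagged between
    // invite and acceptance still cannot create a profile.
    function acceptInvite() external returns (uint256 id) {
        if (invitedBy[msg.sender] == 0) revert NotInvited(msg.sender);
        _requireInvitable(msg.sender);
        delete invitedBy[msg.sender];
        id = ++profileCount;
        profileIdByAddress[msg.sender] = id;
    }

    // The caller must own a profile to issue an invite.
    function _inviterProfile() internal view returns (uint256 id) {
        id = profileIdByAddress[msg.sender];
        if (id == 0) revert NotAProfileOwner(msg.sender);
    }

    // Single place that encodes "not compromised and not already associated with a profile".
    function _requireInvitable(address addr) internal view {
        if (addr == address(0)) revert ZeroAddress();
        if (isAddressCompromised[addr]) revert AddressCompromised(addr);
        uint256 existing = profileIdByAddress[addr];
        if (existing != 0) revert AddressAlreadyHasProfile(addr, existing);
    }
}
```

To reproduce the scenario: the admin calls createProfile(A) and createProfile(B), then flagAddress(B) after B's profile is found malicious. From A, inviteAddressUnchecked(B) succeeds, because B no longer has a profile and that is the only condition tested, whereas inviteAddress(B) reverts with AddressCompromised(B). Keeping the rule in one internal helper, and calling it from both the invite and the accept path, is what prevents a flag raised after the invite from being bypassed.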