-
Notifications
You must be signed in to change notification settings - Fork 0
Anyone can crash transferTo #261
Copy link
Copy link
Open
Labels
1 (Low Risk)Assets are not at risk. State handling, function incorrect as to spec, issues with commentsAssets are not at risk. State handling, function incorrect as to spec, issues with commentsbugSomething isn't workingSomething isn't workingresolvedFinding has been patched by sponsor (sponsor pls link to PR containing fix)Finding has been patched by sponsor (sponsor pls link to PR containing fix)sponsor confirmedSponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
Description
Metadata
Metadata
Assignees
Labels
1 (Low Risk)Assets are not at risk. State handling, function incorrect as to spec, issues with commentsAssets are not at risk. State handling, function incorrect as to spec, issues with commentsbugSomething isn't workingSomething isn't workingresolvedFinding has been patched by sponsor (sponsor pls link to PR containing fix)Finding has been patched by sponsor (sponsor pls link to PR containing fix)sponsor confirmedSponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
Handle
pauliax
Vulnerability details
Impact
function transferTo allows transferring amount from beneficiary to any address. However, 'to' is considered valid when it does not have an amount locked yet:
It locks this amount for releaseVars[beneficiary].endTime. Because the blockchain is public, a malicious actor could monitor the mempool, and crash any attempt of transferTo by frontrunning it and calling transferTo with the smallest fraction (dust) from his own address to the 'to' address, making it unavailable to receive new locks for some time (even 4 years is possible?).
Recommended Mitigation Steps
A few possible solutions would be to introduce a reasonable minimum amount to transfer or add a 2-step approval, where 'to' first have to approve the beneficiary.