Sparkn

CodeFox Inc.
DeFiFoundryProxy
15,000 USDC
Severity: high
Valid

The function distributeByOwner(...) doesn't properly check if contest expired

Summary

The function distributeByOwner(...) accepts an arbitrary proxy address together with the arguments used to compute the salt, so the expiry check is performed against one contest while tokens are distributed from whatever proxy address was passed in. In effect, funds can be distributed from a proxy whose contest has not yet expired.

Vulnerability Details

The function distributeByOwner(...) allows the owner to distribute funds from the given proxy only after it has expired, i.e. after closeTime + EXPIRATION_TIME. However, the function does not check that the provided proxy address corresponds to the salt computed from the organizer, contestId, and implementation arguments. As a result, the timestamp fetched from saltToCloseTime[salt] may belong to a different contest than the one deployed at the provided proxy address.

Impact

This may result in the owner mistakenly making a call to an arbitrary address and in effect distributing funds from a non-expired proxy address.

Tools Used

Manual review

Recommendations

Consider retrieving the proxy address by calling getProxyAddress(...) with the provided implementation and the computed salt, instead of accepting proxy as an argument to distributeByOwner(...). That way the expiry check and the distribution target are always derived from the same salt.
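A simplified sketch, added here as an illustration and not the project's own code, showing the missing proxy/salt binding the finding describes next to the recommended fix. Only distributeByOwner, getProxyAddress, saltToCloseTime and EXPIRATION_TIME are names taken from the finding; the contract layout, the EXPIRATION_TIME value, the _calculateSalt and _distribute helpers, the EIP-1167 minimal-proxy init code used for the CREATE2 derivation, and the revert messages are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

// Simplified factory sketch (assumed layout, not the audited contract).
contract ProxyFactorySketch {
    uint256 public constant EXPIRATION_TIME = 7 days; // assumed value
    address public owner;
    // closeTime per contest salt; zero means "not registered"
    mapping(bytes32 => uint256) public saltToCloseTime;

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    constructor() {
        owner = msg.sender;
    }

    // Assumed helper: the salt binds organizer, contest and implementation together.
    function _calculateSalt(address organizer, bytes32 contestId, address implementation)
        internal
        pure
        returns (bytes32)
    {
        return keccak256(abi.encode(organizer, contestId, implementation));
    }

    // CREATE2 address derivation for a minimal proxy (assumed EIP-1167 init code).
    function getProxyAddress(bytes32 salt, address implementation) public view returns (address) {
        bytes memory initCode = abi.encodePacked(
            hex"3d602d80600a3d3981f3363d3d373d3d3d363d73",
            implementation,
            hex"5af43d82803e903d91602b57fd5bf3"
        );
        bytes32 hash = keccak256(
            abi.encodePacked(bytes1(0xff), address(this), salt, keccak256(initCode))
        );
        return address(uint160(uint256(hash)));
    }

    // Assumed helper: forwards the distribution calldata to the proxy.
    function _distribute(address proxy, bytes calldata data) internal {
        (bool ok,) = proxy.call(data);
        require(ok, "distribute failed");
    }

    // Weak form: `proxy` is caller-supplied and never tied to `salt`, so the
    // expiry check is evaluated for one contest while the call is forwarded to
    // whatever address was passed in.
    function distributeByOwnerWeak(
        address proxy,
        address organizer,
        bytes32 contestId,
        address implementation,
        bytes calldata data
    ) external onlyOwner {
        bytes32 salt = _calculateSalt(organizer, contestId, implementation);
        require(saltToCloseTime[salt] != 0, "contest not registered");
        require(block.timestamp >= saltToCloseTime[salt] + EXPIRATION_TIME, "contest not expired");
        _distribute(proxy, data);
    }

    // Hardened form (the finding's recommendation): derive the proxy from the
    // same salt the expiry check uses, so the two cannot refer to different contests.
    function distributeByOwner(
        address organizer,
        bytes32 contestId,
        address implementation,
        bytes calldata data
    ) external onlyOwner {
        bytes32 salt = _calculateSalt(organizer, contestId, implementation);
        require(saltToCloseTime[salt] != 0, "contest not registered");
        require(block.timestamp >= saltToCloseTime[salt] + EXPIRATION_TIME, "contest not expired");
        address proxy = getProxyAddress(salt, implementation);
        _distribute(proxy, data);
    }
}
```

The difference between the two functions is only the source of `proxy`: in the hardened version there is no way for the address that receives the call to diverge from the contest whose closeTime was checked, because both are functions of the same salt. A unit test for this fix would register a contest, advance time past closeTime + EXPIRATION_TIME, and assert that the distribution call can only reach the CREATE2 address computed for that contest.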
