Sparkn

CodeFox Inc.
DeFiFoundryProxy
15,000 USDC
Submission Details
Severity: low

The organizer may have his funds stuck until the owner can call `distributeByOwner`

Summary

Providing incorrect data to ProxyFactory during the deployment and distribution of tokens can cause the tokens to become stuck in the Proxy contract.

Vulnerability Details

To call the newly deployed Proxy contract, the organizer must supply the correct calldata. ProxyFactory forwards whatever `data` it receives, so if the organizer encodes the wrong function, such as `getConstants`, the call succeeds without distributing anything and all tokens remain stuck in the Proxy contract.

POC

Using the file `test/integration/ProxyFactoryTest.sol`.

To run, add this function to the file and call `forge test --mt testStuckProxy`:

```solidity
function testStuckProxy() public setUpContestForJasonAndSentJpycv2Token(organizer) {
    // before
    assertEq(MockERC20(jpycv2Address).balanceOf(user1), 0 ether);
    assertEq(MockERC20(jpycv2Address).balanceOf(stadiumAddress), 0 ether);
    bytes32 randomId_ = keccak256(abi.encode("Jason", "001"));
    //@audit if the organizer calls the wrong function.
    bytes memory data = abi.encodeWithSelector(Distributor.getConstants.selector);
    vm.warp(9 days); // 9 days later
    vm.startPrank(organizer);
    address proxy = proxyFactory.deployProxyAndDistribute(randomId_, address(distributor), data);
    vm.stopPrank();
    //@audit the tokens got stuck in the proxy
    assertEq(MockERC20(jpycv2Address).balanceOf(proxy), 10000 ether);
}
```

Impact

The organizer may have all their funds stuck in the Proxy contract. The impact is low because the funds are only stuck until the owner calls `distributeByOwner` and recovers the tokens held by the contract.

Tools Used

Manual Review

Recommendations

It is recommended to change the logic in ProxyFactory so that it calls the right function in the Proxy contract itself, letting the organizer supply only the parameters rather than raw calldata.
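The following is an added illustration of that recommendation, not Sparkn's own code: the forwarding pattern the finding describes beside a version where the factory fixes the selector and the organizer passes only parameters. The `IDistributor.distribute` signature is assumed for the example.

```solidity
// Added example, not part of the Sparkn code base. The distribute() signature is
// an assumption; adapt it to the real Distributor implementation.
pragma solidity ^0.8.18;

interface IDistributor {
    function distribute(
        address token,
        address[] calldata winners,
        uint256[] calldata percentages,
        bytes calldata data
    ) external;
}

contract ProxyFactoryBefore {
    // Pattern described in the finding: raw calldata chosen by the organizer is
    // forwarded as-is, so a selector such as getConstants() reaches the proxy,
    // the call succeeds, and the prize tokens stay in the proxy.
    function _distribute(address proxy, bytes calldata data) internal {
        (bool ok, ) = proxy.call(data);
        require(ok, "call failed");
    }
}

contract ProxyFactoryAfter {
    // Hardened version: the factory owns the selector. The organizer can only
    // supply distribution parameters, so a wrong function cannot be targeted
    // and the tokens leave the proxy in the same transaction.
    function _distribute(
        address proxy,
        address token,
        address[] calldata winners,
        uint256[] calldata percentages,
        bytes calldata data
    ) internal {
        bytes memory payload = abi.encodeCall(
            IDistributor.distribute, (token, winners, percentages, data)
        );
        (bool ok, bytes memory ret) = proxy.call(payload);
        if (!ok) {
            // bubble up the proxy's revert reason instead of a generic error
            assembly { revert(add(ret, 32), mload(ret)) }
        }
    }
}
```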
