Detect when msg.sender is not used as from in transferFrom.
Summary
msg.sender is not used as from in transferFrom.
Vulnerability Details
This vulnerability is related to the depositand 'withdraw' function lines 56-67 and 84-96 where the transferFrom method is used. The transferFrom method is designed to move tokens from a specific address to another. However, in this case, the from address is provided as an argument to the deposit'withdraw' function and not necessarily the msg.sender. This means that a malicious actor could potentially call the deposit 'withdraw' function with another user's address as the from argument, leading to unauthorized token transfers. This vulnerability could be exploited if the from address has approved the contract to spend tokens on its behalf. The contract does not validate if msg.sender is the same as the from address, which is a security risk.
Tools Used
Manual
Recommendations
To resolve this issue, you should add a check to ensure that the msg.sender is the same as the from address. This will prevent unauthorized token transfers. Here is how you can modify the deposit function:
This modification adds a require statement that will revert the transaction if the msg.sender is not the same as the from address. This ensures that only the address that owns the tokens can initiate the transfer.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.