stake.link

DeFiHardhatBridge

27,500 USDC

View results

Previous Next

Submission Details

Severity: low

Valid

Transfer Tokens.

0xgenaudits

Summary

Token LockId can be transfered to same user which effects the protocol.

Vulnerability Details

user can _transfer token LockId to himself so the _updateRewards(from) and _updateRewards(to) execute the same address.

a user has 2 addresses 0x11111 and 0x22222.
the user approve lockId 1 to address 0x22222.
now the user from address 0x22222 uses transferFrom(0x11111, 0x11111, 1) to transfer lockId 1 from 0x11111 to 0x11111.
and now _updateRewards executed for address 0x11111 twice.
- from: 0x11111
- to: 0x11111

Impact

_updateRewards executed twice with same address.

Tools Used

Recommendations

check that from != to when transfer.

function _transfer(

address _from,

address _to,

uint256 _lockId

) internal virtual {

if (_from != ownerOf(_lockId)) revert TransferFromIncorrectOwner();

if (_to == address(0)) revert TransferToZeroAddress();

if (_to == ccipController) revert TransferToCCIPController();

+ if (_from == _to) revert TransferToSameAddress();

delete tokenApprovals[_lockId];

_updateRewards(_from);

_updateRewards(_to);

uint256 effectiveBalanceChange = locks[_lockId].amount + locks[_lockId].boostAmount;

effectiveBalances[_from] -= effectiveBalanceChange;

effectiveBalances[_to] += effectiveBalanceChange;

balances[_from] -= 1;

balances[_to] += 1;

lockOwners[_lockId] = _to;

emit Transfer(_from, _to, _lockId);

}

Updates

Lead Judging Commences

0kage Lead Judge almost 2 years ago

Submission Judgement Published

Validated

Assigned finding tags:

from equals to

from and to address same in transfer

0xgenaudits Submitter

almost 2 years ago

0kage Lead Judge

almost 2 years ago

0xgenaudits Submitter

almost 2 years ago

0kage Lead Judge almost 2 years ago

Submission Judgement Published

Validated

Assigned finding tags:

from equals to

from and to address same in transfer

Prize pool breakdown

Total prize

27,500 USDC

nSLOC

1,414

19 USDC / LOC

High Medium

25,000 USDC

Low

2,500 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.