stake.link
stake.link
DeFiHardhatBridge
27,500 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

The contract approves an unlimited amount of linkToken, attackers can perform unauthorized transfers on behalf of the RESDLTokenBridge contract.

0xVinylDavyl

Vulnerability Details

Impact

An attacker could deploy a malicious contract and perform unauthorized transfers of LINK tokens on behalf of the SDLPoolCCIPControllerPrimary contract, leading to potential financial loss and disruptions in the intended functionality.

The linkToken contract is approved for an unlimited amount by the SDLPoolCCIPControllerPrimary contract. This could be exploited by attackers to perform unauthorized transfers on behalf of the SDLPoolCCIPControllerPrimary contract.

Proof of Concept

  1. Deploy a malicious contract with the provided code.

  2. Utilize the unlimited approval to perform unauthorized transfers.

Tools Used:

Manual Code Review

Recommendation

Limit the approval amount for linkToken to the necessary value. Only approve the amount required for the intended operations in the SDLPoolCCIPControllerPrimary contract.

Code

// Insecure line that grants unlimited approval
linkToken.safeApprove(address(sdlPoolCCIPController), type(uint256).max);

Tools Used

Manual Code Review

Recommended Mitigation Steps

Modification ensures that only the required amount of linkToken is approved, reducing the attack surface and potential impact.
Limit the approval amount for linkToken to the necessary value. Update the code as follows:

// Limit the approval amount to the necessary value
linkToken.safeApprove(address(sdlPoolCCIPController), amount);
Updates

Lead Judging Commences

0kage Lead Judge almost 2 years ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.