Summary
There are no limits or checks on the amount. An attacker can drain the entire account, or at least DoS the contract by setting an amount higher than what is held inside the contract.
Vulnerability Details
    function claim(address account, uint256 amount, bytes32[] calldata merkleProof) external payable {
        // Caller must pay exactly the configured fee
        if (msg.value != FEE) {
            revert MerkleAirdrop__InvalidFeeAmount();
        }
        // Leaf is the double-hashed (account, amount) pair
        bytes32 leaf = keccak256(bytes.concat(keccak256(abi.encode(account, amount))));
        if (!MerkleProof.verify(merkleProof, i_merkleRoot, leaf)) {
            revert MerkleAirdrop__InvalidProof();
        }
        emit Claimed(account, amount);
        // Transfer is attempted with no bound on amount beyond the proof
        i_airdropToken.safeTransfer(account, amount);
    }
The claim function has no checks on the amount claimed, so an attacker can drain all the funds.
Impact
The impact of this vulnerability is severe, as it allows an attacker to drain the funds or cause a DoS of the contract.
Tools Used
Manual review
Recommendations
Consider adding a require statement (or a custom-error check) that the amount passed in is within a reasonable bound, for example no more than a per-claim cap and no more than the tokens the contract currently holds.
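A hardened version of claim that follows the recommendation above, written as an added example for this report rather than taken from the audited project: it rejects an amount above a per-claim cap (i_maxClaimAmount, an assumed constructor parameter) and an amount above the contract's current token balance with explicit custom errors, so an oversized claim fails early with a clear reason instead of reaching safeTransfer. The FEE value and the contract name are placeholders chosen for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {MerkleProof} from "@openzeppelin/contracts/utils/cryptography/MerkleProof.sol";

// Example contract (not the project's own code) showing bounded claim amounts.
contract MerkleAirdropBounded {
    using SafeERC20 for IERC20;

    error MerkleAirdrop__InvalidFeeAmount();
    error MerkleAirdrop__InvalidProof();
    error MerkleAirdrop__AmountExceedsCap(uint256 amount, uint256 cap);
    error MerkleAirdrop__InsufficientBalance(uint256 amount, uint256 available);

    event Claimed(address indexed account, uint256 amount);

    uint256 public constant FEE = 1e9;          // placeholder fee, assumed for the example
    bytes32 public immutable i_merkleRoot;
    IERC20 public immutable i_airdropToken;
    uint256 public immutable i_maxClaimAmount;  // assumed per-claim cap, added by this example

    constructor(bytes32 merkleRoot, IERC20 airdropToken, uint256 maxClaimAmount) {
        i_merkleRoot = merkleRoot;
        i_airdropToken = airdropToken;
        i_maxClaimAmount = maxClaimAmount;
    }

    function claim(address account, uint256 amount, bytes32[] calldata merkleProof) external payable {
        if (msg.value != FEE) {
            revert MerkleAirdrop__InvalidFeeAmount();
        }

        // Bound 1: never pay out more than the configured per-claim cap.
        if (amount > i_maxClaimAmount) {
            revert MerkleAirdrop__AmountExceedsCap(amount, i_maxClaimAmount);
        }

        // Bound 2: never attempt to pay out more than the contract actually holds,
        // so an oversized claim fails with a readable error rather than a raw transfer revert.
        uint256 available = i_airdropToken.balanceOf(address(this));
        if (amount > available) {
            revert MerkleAirdrop__InsufficientBalance(amount, available);
        }

        // Same leaf construction as the original: double-hashed (account, amount).
        bytes32 leaf = keccak256(bytes.concat(keccak256(abi.encode(account, amount))));
        if (!MerkleProof.verify(merkleProof, i_merkleRoot, leaf)) {
            revert MerkleAirdrop__InvalidProof();
        }

        emit Claimed(account, amount);
        i_airdropToken.safeTransfer(account, amount);
    }
}
```

The two checks are placed before the proof verification so that a request that could never be paid is rejected before any hashing work is done; the cap value should be set from the largest amount present in the Merkle tree when the contract is deployed.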