Beginner Friendly, DeFi, Foundry
100 EXP
Submission Details
Severity: medium
Valid

Anybody can remove another gang member in `Laundrette::quitTheGang` without their consent.

## Summary

Gang members can remove fellow gang members without their consent.

## Vulnerability Details

`Laundrette::quitTheGang` takes an arbitrary `account` parameter and never checks that it equals `msg.sender`. The only guard is `onlyRole("gangmember")`, which restricts who may call the function but not whom the call may target.

Any gang member can therefore call `quitTheGang(victim)` with another member's address and have the kernel revoke that member's `gangmember` role without their consent.

```solidity
// Vulnerable as shipped: `account` is caller-controlled and never compared with msg.sender.
function quitTheGang(address account) external onlyRole("gangmember") {
    kernel.revokeRole(Role.wrap("gangmember"), account);
}
```
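The Foundry test below is an added example, not code from the Laundrette project or from this submission. It models the kernel with a minimal `MockKernel` whose `grantRole`/`revokeRole`/`hasRole` are deliberately unauthenticated (an assumption made so the test is self-contained), reproduces `quitTheGang` as shown above, and places a patched `PatchedLaundrette` beside it whose `isAuthorizedOrRevert` modifier is assumed to require `msg.sender == account`. `forge-std` is assumed to be installed; the contract and address names are illustrative.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example: not the Laundrette project's code. The mock below stands in for
// the kernel; its role functions are left unauthenticated on purpose (assumption)
// so the test stays self-contained.
import {Test} from "forge-std/Test.sol";

type Role is bytes32;

contract MockKernel {
    // account => role => granted
    mapping(address => mapping(bytes32 => bool)) private roles;

    function grantRole(Role role, address account) external {
        roles[account][Role.unwrap(role)] = true;
    }

    function revokeRole(Role role, address account) external {
        roles[account][Role.unwrap(role)] = false;
    }

    function hasRole(address account, Role role) external view returns (bool) {
        return roles[account][Role.unwrap(role)];
    }
}

abstract contract Policy {
    MockKernel public immutable kernel;

    constructor(MockKernel kernel_) {
        kernel = kernel_;
    }

    // Restricts who may call, not whom the call may target.
    modifier onlyRole(bytes32 role_) {
        require(kernel.hasRole(msg.sender, Role.wrap(role_)), "not authorized");
        _;
    }
}

// The function as reported: `account` is never compared with the caller.
contract VulnerableLaundrette is Policy {
    constructor(MockKernel kernel_) Policy(kernel_) {}

    function quitTheGang(address account) external onlyRole("gangmember") {
        kernel.revokeRole(Role.wrap("gangmember"), account);
    }
}

// Patched version: the modifier is assumed to require msg.sender == account.
contract PatchedLaundrette is Policy {
    error NotSelf(address caller, address account);

    constructor(MockKernel kernel_) Policy(kernel_) {}

    modifier isAuthorizedOrRevert(address account) {
        if (account != msg.sender) revert NotSelf(msg.sender, account);
        _;
    }

    function quitTheGang(address account) external onlyRole("gangmember") isAuthorizedOrRevert(account) {
        kernel.revokeRole(Role.wrap("gangmember"), account);
    }
}

contract QuitTheGangTest is Test {
    MockKernel kernel;
    VulnerableLaundrette vulnerable;
    PatchedLaundrette patched;
    address alice = makeAddr("alice"); // attacker, a gang member
    address bob = makeAddr("bob");     // victim, also a gang member

    function setUp() public {
        kernel = new MockKernel();
        vulnerable = new VulnerableLaundrette(kernel);
        patched = new PatchedLaundrette(kernel);
        kernel.grantRole(Role.wrap("gangmember"), alice);
        kernel.grantRole(Role.wrap("gangmember"), bob);
    }

    // Proof of concept: alice "quits" on bob's behalf and bob loses his role.
    function test_memberCanRemoveAnotherMember() public {
        vm.prank(alice);
        vulnerable.quitTheGang(bob);
        assertFalse(kernel.hasRole(bob, Role.wrap("gangmember")));
    }

    // With the check in place the same call reverts and bob keeps his role.
    function test_patchedRejectsOtherAccount() public {
        vm.prank(alice);
        vm.expectRevert(abi.encodeWithSelector(PatchedLaundrette.NotSelf.selector, alice, bob));
        patched.quitTheGang(bob);
        assertTrue(kernel.hasRole(bob, Role.wrap("gangmember")));
    }

    // The intended use, a member quitting on their own behalf, still works.
    function test_patchedStillLetsMemberQuit() public {
        vm.prank(bob);
        patched.quitTheGang(bob);
        assertFalse(kernel.hasRole(bob, Role.wrap("gangmember")));
    }
}
```

Run with `forge test --match-contract QuitTheGangTest`. The first test is the proof of concept for this finding; the other two show that the `msg.sender == account` check closes the cross-account call while leaving the legitimate self-removal path intact.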

## Impact

Any gang member can strip the `gangmember` role from any other member at will. A member's rights can be revoked without their consent, which the protocol does not intend.

## Tools Used

Manual review

## Recommendations

Add the `isAuthorizedOrRevert(account)` modifier to the function so that the message sender must be the same address as `account`:

- function quitTheGang(address account) external onlyRole("gangmember") {
+ function quitTheGang(address account) external onlyRole("gangmember") isAuthorizedOrRevert(account){
kernel.revokeRole(Role.wrap("gangmember"), account);
}
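Review bot: the `+` line relies on `isAuthorizedOrRevert(account)` enforcing `msg.sender == account`, which the hunk itself does not show; if that modifier (or any admin path it allows) lets a caller other than `account` through, the finding is not closed. State next to the `+` line exactly what the modifier checks, and add a Foundry test in which member A calls `quitTheGang(B)` and expects a revert. A smaller fix that needs no modifier is to drop the parameter and revoke the caller directly: `kernel.revokeRole(Role.wrap("gangmember"), msg.sender);`, leaving no address for another member to supply.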
Updates

Lead Judging Commences

n0kto (Lead Judge), about 1 year ago: Submission Judgement Published. Validated.

Assigned finding tags: Gang members ban other members
