Submission Details
Severity: medium
Valid

H-02. One member can kick out another, even the GodFather

Summary

Any gang member can kick out other members, including the GodFather.

Vulnerability Details

The function Laundrette::quitTheGang is meant to let a member leave the mafia.
However, it takes an arbitrary account as its argument, so any member can call it with another member's address and remove that member.

Impact

An ordinary member can kick out every other member, including the GodFather, and take over the whole contract!

Tools Used

Manual Review

Recommendations

Add the modifier isAuthorizedOrRevert(account) to Laundrette::quitTheGang so that a member can only be removed of their own accord or by the GodFather:

- function quitTheGang(address account) external onlyRole("gangmember") {
+function quitTheGang(address account) external isAuthorizedOrRevert(account) {
kernel.revokeRole(Role.wrap("gangmember"), account);
}
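Review bot: the new signature drops onlyRole("gangmember") entirely, so the only gate left is isAuthorizedOrRevert(account); confirm that this modifier admits exactly the account itself and the GodFather as callers, which is what the recommendation intends, and consider keeping a check that `account` is currently a gang member so that `kernel.revokeRole(Role.wrap("gangmember"), account);` is not invoked for an address that never held the role.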

Proof Of Concept

  1. Add the following method to LaundretteTest:

```solidity
function test_membersCanKickEachOther() public {
    address user1 = makeAddr("user_1");
    address user2 = makeAddr("user_2");
    // Setup: user1 joins the gang and the GodFather adds user2.
    joinGang(user1);
    vm.prank(godFather);
    laundrette.addToTheGang(user2);
    // Assert all three accounts are part of the gang.
    assertEq(kernel.hasRole(user1, Role.wrap("gangmember")), true);
    assertEq(kernel.hasRole(user2, Role.wrap("gangmember")), true);
    assertEq(kernel.hasRole(godFather, Role.wrap("gangmember")), true);
    // user1 kicks out user2 and then the GodFather.
    vm.prank(user1);
    laundrette.quitTheGang(user2);
    vm.prank(user1);
    laundrette.quitTheGang(godFather);
    // Assert user2 and the GodFather have been kicked out while user1 remains.
    assertEq(kernel.hasRole(user1, Role.wrap("gangmember")), true);
    assertEq(kernel.hasRole(user2, Role.wrap("gangmember")), false);
    assertEq(kernel.hasRole(godFather, Role.wrap("gangmember")), false);
}
```
  2. Run the following command: forge test --mt test_membersCanKickEachOther
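As an added illustration that is not part of this submission or of the Laundrette codebase, the stand-in contract below places the vulnerable shape of quitTheGang beside the recommended one. The MiniKernel, the godFather field, the contract name and the body of isAuthorizedOrRevert are assumptions, since the real Kernel and modifier are not reproduced on this page.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Assumption: a minimal stand-in for the kernel's role bookkeeping.
contract MiniKernel {
    mapping(address => mapping(bytes32 => bool)) private roles;

    function grantRole(bytes32 role, address account) external { roles[account][role] = true; }
    function revokeRole(bytes32 role, address account) external { roles[account][role] = false; }
    function hasRole(address account, bytes32 role) external view returns (bool) { return roles[account][role]; }
}

// Assumption: hypothetical contract, not the project's Laundrette.
contract LaundretteLike {
    bytes32 constant GANG = "gangmember";
    MiniKernel public kernel;
    address public godFather;

    constructor(MiniKernel _kernel, address _godFather) {
        kernel = _kernel;
        godFather = _godFather;
    }

    // Assumed body: only the account itself or the GodFather may act on `account`.
    modifier isAuthorizedOrRevert(address account) {
        require(msg.sender == account || msg.sender == godFather, "not authorized");
        _;
    }

    // Vulnerable shape from the report: the caller only has to be a member,
    // and `account` is never tied to the caller, so any member removes anyone.
    function quitTheGangVulnerable(address account) external {
        require(kernel.hasRole(msg.sender, GANG), "not a member");
        kernel.revokeRole(GANG, account);
    }

    // Hardened shape: the caller must be `account` or the GodFather, and
    // `account` must actually hold the role so revokeRole is not a silent no-op.
    function quitTheGang(address account) external isAuthorizedOrRevert(account) {
        require(kernel.hasRole(account, GANG), "not a member");
        kernel.revokeRole(GANG, account);
    }
}
```

A Foundry test in the style of the PoC above can exercise both functions: quitTheGangVulnerable lets a pranked member remove the GodFather, while quitTheGang reverts with "not authorized" for the same call.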

Updates

Lead Judging Commences

n0kto Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Gang members ban other members
