First Flight #16: Mafia Takedown

First Flight #16

Beginner FriendlyDeFiFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Invalid

Wrong Access Control Implementation at addToTheGang

silverwind

Summary

The addToTheGang function in the Laundrette contract has two conflicting modifiers, onlyRole and isGodFather, which prevent it from functioning as intended.

Vulnerability Details

The onlyRole modifier requires msg.sender to have the gangmember role, while the isGodFather modifier requires msg.sender to be the godFather. Since the godFather role cannot gain the gangmember role using the addToTheGang function, a single user cannot satisfy both modifiers simultaneously. Consequently, it is impossible to execute the addToTheGang function as designed.

Impact

No one can add new members to the gang, effectively breaking the functionality of the addToTheGang function.

PoC

function test_AddToTheGangWithGodFather() public {

vm.startPrank(godFather);

vm.expectRevert();

laundrette.addToTheGang(address(this)); //-> reverts because the godFather does not have the gangmember role.

}

function test_AddToTheGangWithGangMember() public {

address potantialMember = makeAddr("potantialMember");

joinGang(address(this));

vm.expectRevert();

laundrette.addToTheGang(potantialMember); // -> reverts because the gangmember does not have the godFather role.

}

function test_AddGangMemberRoleToGodFather() public {

vm.startPrank(godFather);

vm.expectRevert();

laundrette.addToTheGang(godFather); // -> reverts because godFather does not have the gangmember role.

}

Tools Used

Manual Reading, Foundry Framework.

Recommendations

Use a combined hasRole modifier to check if msg.sender has either the gangmember or godFathe role.

modifier hasRole() public {

require(kernel.hasRole(msg.sender, Role.wrap("gangmember")) || kernel.hasRole(msg.sender, Role.wrap("God Father")) , "msg.sender does not have the role needed for using this function");

}

Updates

Lead Judging Commences

n0kto Lead Judge about 1 year ago

Submission Judgement Published

Invalidated

Reason: Design choice

Rewards breakdown

nSLOC

205

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

First Flight #16: Mafia Takedown

Wrong Access Control Implementation at *addToTheGang*

Summary

Vulnerability Details

Impact

PoC

Tools Used

Recommendations

Lead Judging Commences

Rewards breakdown

Live

Judging

Appeals

Appeals Review

Rewards Distribution

FAQs

Wrong Access Control Implementation at addToTheGang