First Flight #16: Mafia Takedown

First Flight #16

Beginner FriendlyDeFiFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Valid

Incorrect `moneyshelf` role after migration, causing `MoneyVault` unable to mint or burn CrimeMoney

Ryan

Description

In CrimeMoney contract, only address with "moneyshelf" role can mint or burn the token, which is originally the MoneyShelf contract, granted in Deployer.s.sol script. But after migration, MoneyVault is not granted as "moneyshelf" role.

Impact

After migration, MoneyVault cannot burn CrimeMoney, so godfather cannot withdraw USDC from it.

Proof of Concept

function test_migrateAndWithdraw() public {

address alice = makeAddr("alice");

assertEq(address(kernel.getModuleForKeycode(Keycode.wrap("MONEY"))), address(moneyShelf));

joinGangGodFather();

joinGang(address(this));

vm.prank(godFather);

usdc.transfer(alice, 100e6);

vm.startPrank(alice);

usdc.approve(address(moneyShelf), 100e6);

laundrette.depositTheCrimeMoneyInATM(alice, alice, 100e6);

vm.stopPrank();

assertEq(usdc.balanceOf(alice), 0);

assertEq(usdc.balanceOf(address(moneyShelf)), 100e6);

assertEq(crimeMoney.balanceOf(alice), 100e6);

EmergencyMigration migration = new EmergencyMigration();

MoneyVault moneyVault = migration.migrate(kernel, usdc, crimeMoney, moneyShelf, laundrette);

assertEq(usdc.balanceOf(address(moneyVault)), 0);

vm.prank(godFather);

vm.expectRevert();

laundrette.withdrawMoney(alice, godFather, 100e6);

}

Recommendations

grant "moneyshelf" role to new MoneyVault contract. But since admin role is already transferred to laundrette, we can add a function in laundrette to grant role:

in laundrette:

++ function grantRoleMoneyShelf(address _moneyShelf) external isGodFather {

++ kernel.grantRole(Role.wrap("moneyshelf"), _moneyShelf);

++ }

in EmergencyMigration.s.sol

++ laundrette.grantRoleMoneyShelf(address(moneyVault));

Updates

Lead Judging Commences

n0kto Lead Judge about 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

MoneyVault cannot burn or mint CrimeMoney

Godfather can add the role manually

Rewards breakdown

nSLOC

205

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.