Submission Details
Severity:
Logic flaw in `Laundrette::addToTheGang` function, causing nobody can grant "gangmember" role if GodFather is not a "gangmember"
Description
The function Laundrette::addToTheGang requires caller to be "gangmember" and GodFather at same time. Thus, if the only GodFather is not a "gangmember" (not granted in the first place, or revoked), nobody and grant new "gangmember" roles (even to godfather himself). And this is an dead end.
Impact
If GodFather at this moment is not a "gangmember" (either never granted or revoked), nobody can become "gangmember" anymore.
This is even more dangerous when anyone can revoke others' "gangmember" role.
Proof of Concept
function test_joinGangFail() public {
address alice = makeAddr("alice");
vm.prank(godFather);
vm.expectRevert();
laundrette.addToTheGang(alice);
}
Recommendations
remove onlyRole("gangmember") modifer, and only keep isGodFather:
function addToTheGang(address account) external isGodFather {
Updates
Lead Judging Commences
n0kto about 1 year ago
Submission Judgement Published Assigned finding tags:
GodFather is not a gang member
Rewards breakdown
nSLOC
205This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.