ArkProject: NFT Bridge

ArkProject

NFTBridge

60,000 USDC

View results

Previous Next

Submission Details

Severity: high

Valid

Some collections cannot be removed from whitelist on the starknet side

meeve

Summary

Admin should be able to remove collections from the list, but removing works only if the collection is on the first or second position. (Only these two cases are covered in unit tests)

However, if the collection is in any other location, the transaction will run out of gas.

Vulnerability Details

The vulnerability is present in _white_list_collection it contains the loop that should go through the linked list, but it is missing a piece of code at the end of the loop when prev element becomes the next. So the same element is checked over and over again until the gas runs out.

loop {

let (active, next) = self.white_listed_list.read(prev);

if next.is_zero() {

// end of list

break;

}

if !active {

break;

}

if next == collection {

let (_, target) = self.white_listed_list.read(collection);

self.white_listed_list.write(prev, (active, target));

break;

}

+ // missing piece of code.

+ prev = next;

};

Impact

Admin would not be able to remove collection from whitelist. In such scenarios, the protocol may suffer losses:

There are some technical difficulties in using such a collection or the collection exposes the protocol to some security issues.
This collection contains inappropriate content (offensive or illegal).
Legal problems or when collection is related to some frauds.
Low interest in collection.

Tools Used

Manual Review

Recommendations

Add the missing piece of code at the end of the loop.

prev = next;

Updates

Lead Judging Commences

n0kto Lead Judge about 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

finding-L2-unwhitelist-from-third collection-impossible

Likelyhood: High, owner can only unwhitelist the 2 first collections. Impact: Medium/High, owner has to empty the list to remove any collection, and replace all the new ones.

Prize pool breakdown

Total prize

60,000 USDC

nSLOC

2,301

26 USDC / LOC

High Medium

50,000 USDC

Low

5,500 USDC

Judges

4,500 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.