Incorrect Whitelist Logic in `_isWhiteListed`
Summary
The function _isWhiteListed is intended to check if a collection is whitelisted when the whitelist feature is enabled. However, there is a logical error in the implementation, which could lead to incorrect access control.
Vulnerability Details
The current implementation of _isWhiteListed is as follows:
The logic checks if the whitelist is disabled (!_whiteListEnabled) or if the collection is in the whitelist (_whiteList[collection]). This results in collections being considered whitelisted even when _whiteListEnabled is set to true, as long as _whiteListEnabled is false. This behavior is incorrect; the correct logic should enforce that both the whitelist is enabled and the collection is present in the whitelist:
Impact
This issue can lead to unauthorized collections being treated as whitelisted, potentially allowing unauthorized access to the bridge.
Tools Used
Manual code review.
Recommendations
Modify the logic in the _isWhiteListed function to ensure that a collection is considered whitelisted only when the whitelist is enabled and the collection is present in the whitelist.
Lead Judging Commences
Informational / Gas
Please, do not suppose impacts, think about the real impact of the bug and check the CodeHawks documentation to confirm: https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity A PoC always helps to understand the real impact possible.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.