TempleGold

TempleDAO
Foundry
25,000 USDC
Submission Details
Severity: medium
Invalid

Unintended Access Control in TempleGold::_update() Function Causes Users to Be Unable to Send TGLD

Summary
The _update function within the smart contract enforces whitelist-based access control for TGLD token transfers. Only addresses present in the authorized whitelist are allowed to receive tokens. This includes TempleGoldStaking, DaiGoldAuction, SpiceAuction, and a team gnosis multisig address.

Vulnerability Details
**The function checks whether both the sender (`from`) and the recipient (`to`) addresses are present in the `authorized` whitelist mapping.**

The dev comment says:

`/// can only transfer to or from whitelisted addreess`

but the dev uses both assignments:

`if (!authorized[from] && !authorized[to])`

and the docs say:

TGLD can be transferred to whitelisted addresses. These are TempleGoldStaking, DaiGoldAuction, SpiceAuction and team gnosis multisig address

Impact
Users who are not whitelisted can't send TGLD tokens to the whitelisted addresses.

Tools Used
Manual code review

Recommendation

```diff
function _update(address from, address to, uint256 value) internal override {
    /// can only transfer to or from whitelisted addreess
    /// @dev skip check on mint and burn. function `send` checks from == to
    if (from != address(0) && to != address(0)) {
        //@audit : should be or, not both
        // if (!authorized[from] || !authorized[to] )
        // this is not ok, it should only check for `to`
-       if (!authorized[from] && !authorized[to]) { revert ITempleGold.NonTransferrable(from, to); }
+       if (!authorized[from] || !authorized[to]) { revert ITempleGold.NonTransferrable(from, to); }
    }
    super._update(from, to, value);
}
```

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
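The check this submission disputes, as an added example that is not part of the submission or of TempleGold's own code: a Python model of the `_update` whitelist guard that enumerates which transfers revert under the check as written (`!authorized[from] && !authorized[to]`) and under the proposed `||` rewrite. The addresses and the `AUTHORIZED` whitelist are constructed stand-ins; the contract stores `authorized` as an owner-managed on-chain mapping.

```python
# Added example (editor's illustration, not code from the TempleGold repository
# or from this submission): a Python model of the TempleGold `_update` whitelist
# check, enumerating which transfers revert under the check as written (`&&`)
# and under the submission's proposed `||` rewrite.

ZERO = "0x0000000000000000000000000000000000000000"  # address(0): mint/burn sentinel

# Constructed stand-in addresses and whitelist (the real contract keeps
# `authorized` as an owner-managed on-chain mapping).
STAKING = "0xSTAKING"  # stands in for TempleGoldStaking, whitelisted
AUCTION = "0xAUCTION"  # stands in for DaiGoldAuction, whitelisted
ALICE = "0xALICE"      # ordinary holder, not whitelisted
BOB = "0xBOB"          # ordinary holder, not whitelisted
AUTHORIZED = {STAKING: True, AUCTION: True}


def transfer_reverts(frm: str, to: str, authorized: dict, rule: str = "and") -> bool:
    """Return True if `_update(from, to, value)` would revert with NonTransferrable.

    rule="and" mirrors the check as deployed:   !authorized[from] && !authorized[to]
    rule="or"  mirrors the submission's change:  !authorized[from] || !authorized[to]
    Mint (from == address(0)) and burn (to == address(0)) skip the check, as in
    the contract's `if (from != address(0) && to != address(0))` guard.
    """
    if frm == ZERO or to == ZERO:
        return False
    from_auth = authorized.get(frm, False)
    to_auth = authorized.get(to, False)
    if rule == "and":
        return (not from_auth) and (not to_auth)
    if rule == "or":
        return (not from_auth) or (not to_auth)
    raise ValueError(f"unknown rule: {rule}")


def transfer_matrix(rule: str) -> dict:
    """Evaluate every sender/recipient whitelist combination plus a mint."""
    cases = {
        "non-whitelisted -> whitelisted": (ALICE, STAKING),
        "whitelisted -> non-whitelisted": (STAKING, ALICE),
        "whitelisted -> whitelisted": (STAKING, AUCTION),
        "non-whitelisted -> non-whitelisted": (ALICE, BOB),
        "mint (address(0) -> non-whitelisted)": (ZERO, ALICE),
    }
    return {name: transfer_reverts(f, t, AUTHORIZED, rule) for name, (f, t) in cases.items()}


if __name__ == "__main__":
    for rule in ("and", "or"):
        print(f"rule: {rule}")
        for name, reverts in transfer_matrix(rule).items():
            print(f"  {name:40s} {'REVERT' if reverts else 'ok'}")
```

Under the `&&` check only a transfer where neither party is whitelisted reverts, so a non-whitelisted holder can send TGLD to TempleGoldStaking; that is the "to or from" behaviour the dev comment describes, and it is the premise the judge marked as incorrect. The proposed `||` would revert whenever either party is outside the whitelist, blocking transfers in both directions between a whitelisted contract and any ordinary holder.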
