DeFiFoundry
60,000 USDC
Submission Details
Severity: low
Invalid

TradingAccountBranch:createTradingAccount() doesn't correctly validate that the provided referralCode is custom.

Summary

TradingAccountBranch:createTradingAccount() doesn't correctly validate that the provided referralCode is actually a custom one, since it trusts the caller-supplied isCustomReferralCode flag instead of checking storage.

Vulnerability Details

Assume that a custom referral code "aaaaa" has been registered by the owner.

A user can call TradingAccountBranch:createTradingAccount("aaaaa", false) and have this code treated as a non-custom one, since the function trusts the user input.

Because the parameter isCustomReferralCode = false, execution enters the following else branch, which handles non-custom referral codes:

    } else {
        address referrer = abi.decode(referralCode, (address));
        if (referrer == msg.sender) {
            revert Errors.InvalidReferralCode();
        }
        referral.referralCode = referralCode;
        referral.isCustomReferralCode = false;
    }

Impact

Users can pass a valid custom referral code while having it treated as a non-custom code.

Tools Used

Manual Review

Recommendations

Instead of relying on the parameter isCustomReferralCode, directly check whether the provided code is a registered custom one:

    CustomReferralConfiguration.Data storage customReferral =
        CustomReferralConfiguration.load(string(referralCode));
    if (customReferral.referrer != address(0)) {
        // the code is actually a registered custom one
        referral.referralCode = referralCode;
        referral.isCustomReferralCode = true;
    } else {
        // the code isn't a registered custom referral
        referral.referralCode = referralCode;
        referral.isCustomReferralCode = false;
    }
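The following self-contained contract is an added example, not Zaros or DeFiFoundry code. It places the trusting shape described in the report next to the storage-derived check the recommendation proposes, so the difference can be exercised in a local test harness. The storage layout (a string-keyed mapping of custom codes to referrers), the registerCustomReferralCode admin function, the Referral struct, the self-referral check on the custom path and the explicit 32-byte length check are all assumptions made for this demo.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example (not project code): shows why the caller-supplied flag is
/// the wrong source of truth and how a storage lookup removes it.
contract ReferralCheckDemo {
    struct Referral {
        bytes referralCode;
        bool isCustomReferralCode;
    }

    address public owner;
    /// Assumed layout: custom code (as a string) => referrer that registered it.
    mapping(string => address) public customReferrer;
    mapping(address => Referral) public referralOf;

    error InvalidReferralCode();
    error NotOwner();

    constructor() {
        owner = msg.sender;
    }

    /// Assumed admin path: the owner registers e.g. "aaaaa" for some referrer.
    function registerCustomReferralCode(string calldata code, address referrer) external {
        if (msg.sender != owner) revert NotOwner();
        customReferrer[code] = referrer;
    }

    /// Shape described in the report: the caller's flag selects the branch,
    /// so a registered custom code can be stored with isCustomReferralCode = false.
    function createTradingAccountTrusting(bytes calldata referralCode, bool isCustomReferralCode) external {
        Referral storage referral = referralOf[msg.sender];
        if (isCustomReferralCode) {
            address referrer = customReferrer[string(referralCode)];
            if (referrer == address(0)) revert InvalidReferralCode();
            referral.referralCode = referralCode;
            referral.isCustomReferralCode = true;
        } else {
            // abi.decode reverts on inputs shorter than 32 bytes
            address referrer = abi.decode(referralCode, (address));
            if (referrer == msg.sender) revert InvalidReferralCode();
            referral.referralCode = referralCode;
            referral.isCustomReferralCode = false;
        }
    }

    /// Hardened shape: the flag is dropped and the classification is derived
    /// from storage, as the recommendation above suggests.
    function createTradingAccountChecked(bytes calldata referralCode) external {
        Referral storage referral = referralOf[msg.sender];
        address registeredReferrer = customReferrer[string(referralCode)];
        if (registeredReferrer != address(0)) {
            // Registered custom code: classified as custom regardless of caller intent.
            // Self-referral rejection here is an assumption of this demo.
            if (registeredReferrer == msg.sender) revert InvalidReferralCode();
            referral.referralCode = referralCode;
            referral.isCustomReferralCode = true;
        } else {
            // Not a registered custom code: it must be a 32-byte ABI-encoded address.
            // The explicit length check (an assumption) gives a clear error instead
            // of a bare decode revert.
            if (referralCode.length != 32) revert InvalidReferralCode();
            address referrer = abi.decode(referralCode, (address));
            if (referrer == msg.sender) revert InvalidReferralCode();
            referral.referralCode = referralCode;
            referral.isCustomReferralCode = false;
        }
    }
}
```

In a Foundry or Hardhat test, register a code from the owner account, call both entry points from another account with that code, and compare referralOf(caller).isCustomReferralCode: the trusting variant stores whatever the flag said, while the checked variant always stores true for a registered code.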

Updates

Lead Judging Commences

inallhonesty Lead Judge
about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
