In DeliveryPlace.sol, settleAskMaker() does not check whether marketPlaceInfo.tokenPerPoint has been set, and an attacker can exploit this to drain funds from the contract.
The marketplace is configured through two separate functions:
updateMarketPlaceStatus (updates only the status)
updateMarket (updates the remaining parameters, including tokenPerPoint)
Assume the following scenario:
The owner updates the marketplace status to AskSettling before tokenPerPoint has been configured through updateMarket, so tokenPerPoint still holds its default value of 0.
The attacker, acting as an ask maker, calls settleAskMaker() with _settledPoints = usedPoints.
Because tokenPerPoint has not been set by the admin, the amount derived from it, settledPointTokenAmount, evaluates to 0.
The attacker therefore transfers 0 point tokens yet receives the entire collateral plus the funds paid by the taker, pocketing the difference as profit.
The attacker unfairly earns a profit without delivering any point tokens.
Manual Review
Add a check in settleAskMaker() that reverts if marketPlaceInfo.tokenPerPoint has not been set (i.e. is still 0) before any settlement amount is computed or any funds are released.
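The sketch below is an added illustration written for this finding; it is not the project's DeliveryPlace.sol. Only settleAskMaker, marketPlaceInfo.tokenPerPoint, usedPoints and the AskSettling status come from the finding above. The token interface, the storage layout (a single ask maker, collateral and takerFunds balances), the modifiers, the error names and the helper _finishSettlement are assumptions made so that the vulnerable settlement path can be shown next to the recommended check.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative sketch added to this finding; it is not the project's
// DeliveryPlace.sol. Only settleAskMaker, marketPlaceInfo.tokenPerPoint,
// usedPoints and the AskSettling status come from the finding; the token
// interface, storage layout, modifiers and helper names are assumptions.

interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

enum MarketPlaceStatus { Online, AskSettling, BidSettling, Offline }

struct MarketPlaceInfo {
    MarketPlaceStatus status;
    address pointToken;    // assumed: token the ask maker must deliver
    uint256 tokenPerPoint; // stays 0 until updateMarket() is called
}

error NotOwner();
error NotAskMaker();
error MarketNotInAskSettling();
error TokenPerPointNotSet();
error TooManyPoints();

contract DeliveryPlaceSketch {
    address public immutable owner;
    IERC20 public immutable collateralToken; // assumed
    address public immutable askMaker;       // assumed: a single maker for brevity
    MarketPlaceInfo public marketPlaceInfo;

    uint256 public usedPoints;  // points the maker sold
    uint256 public collateral;  // maker's locked collateral
    uint256 public takerFunds;  // what the taker paid for the points

    constructor(IERC20 _collateralToken, address _askMaker, uint256 _usedPoints,
                uint256 _collateral, uint256 _takerFunds) {
        owner = msg.sender;
        collateralToken = _collateralToken;
        askMaker = _askMaker;
        usedPoints = _usedPoints;
        collateral = _collateral;
        takerFunds = _takerFunds;
    }

    modifier onlyOwner() { if (msg.sender != owner) revert NotOwner(); _; }
    modifier onlyAskMaker() { if (msg.sender != askMaker) revert NotAskMaker(); _; }

    // Status and the remaining parameters are updated by two separate
    // functions, so status can reach AskSettling while tokenPerPoint is still 0.
    function updateMarketPlaceStatus(MarketPlaceStatus status) external onlyOwner {
        marketPlaceInfo.status = status;
    }

    function updateMarket(address pointToken, uint256 tokenPerPoint) external onlyOwner {
        marketPlaceInfo.pointToken = pointToken;
        marketPlaceInfo.tokenPerPoint = tokenPerPoint;
    }

    // Vulnerable shape: with tokenPerPoint == 0, settledPointTokenAmount is 0,
    // so the maker delivers nothing and still collects collateral + takerFunds.
    function settleAskMakerUnchecked(uint256 _settledPoints) external onlyAskMaker {
        if (marketPlaceInfo.status != MarketPlaceStatus.AskSettling) revert MarketNotInAskSettling();
        if (_settledPoints > usedPoints) revert TooManyPoints();
        uint256 settledPointTokenAmount = _settledPoints * marketPlaceInfo.tokenPerPoint;
        _finishSettlement(settledPointTokenAmount);
    }

    // Recommended shape: refuse to settle until the admin has set the rate.
    function settleAskMaker(uint256 _settledPoints) external onlyAskMaker {
        if (marketPlaceInfo.status != MarketPlaceStatus.AskSettling) revert MarketNotInAskSettling();
        if (marketPlaceInfo.tokenPerPoint == 0) revert TokenPerPointNotSet();
        if (_settledPoints > usedPoints) revert TooManyPoints();
        uint256 settledPointTokenAmount = _settledPoints * marketPlaceInfo.tokenPerPoint;
        _finishSettlement(settledPointTokenAmount);
    }

    // Pull the point tokens from the maker, then release collateral and the
    // taker's payment to them. Return values are checked to avoid silent failure.
    function _finishSettlement(uint256 settledPointTokenAmount) internal {
        if (settledPointTokenAmount > 0) {
            require(IERC20(marketPlaceInfo.pointToken).transferFrom(
                msg.sender, address(this), settledPointTokenAmount), "point transfer failed");
        }
        uint256 payout = collateral + takerFunds;
        collateral = 0;
        takerFunds = 0;
        usedPoints = 0;
        require(collateralToken.transfer(msg.sender, payout), "payout failed");
    }
}
```

A complementary defence, also an assumption rather than something the finding specifies, is to refuse the status transition itself: have updateMarketPlaceStatus revert when moving to AskSettling while tokenPerPoint is 0, so the settlement window can never open on an unconfigured market.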
The following issues and their duplicates are invalid as admin errors/input validation/malicious intents are generally considered invalid based on [codehawks guidelines](https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity#findings-that-may-be-invalid). If they deploy/set inputs of the contracts appropriately, there will be no issue. Additionally admins are trusted as noted in README they can break certain assumption of the code based on their actions, and