The PreMarket::createOffer function lacks proper validation for the tokenAddress parameter. This oversight could lead to the creation of offers with invalid or malicious token addresses, posing risks to the system's integrity and user funds.
The PreMarket::createOffer function is designed to allow users to create a new offer in the marketplace. The function takes several parameters encapsulated in the CreateOfferParams struct, one of which is tokenAddress. However, the function does not perform any validation to ensure that the provided tokenAddress is not the zero address (address(0)) and is a valid token contract address.
The tokenAddress is directly used to transfer collateral without any prior validation. This lack of validation introduces several risks:
Zero Address Exploit: An attacker could pass address(0) as the tokenAddress, which would lead to the system attempting to interact with the zero address. This could result in unexpected behavior or system failure.
Invalid Contract Address: An attacker could provide an address that does not point to a valid ERC20 token contract. This could cause the transaction to fail or even lead to loss of funds if the contract interacts with an incompatible or malicious contract.
https://github.com/Cyfrin/2024-08-tadle/blob/main/src/core/PreMarkets.sol#L39-L157
https://github.com/Cyfrin/2024-08-tadle/blob/main/src/interfaces/IPerMarkets.sol#L297-L306
The lack of token address validation could lead to:
Creation of offers with non-existent token addresses, leading to failed transactions when interacting with these offers.
Potential for creating offers with malicious token contracts, which could be used for phishing attacks or other exploits.
Inconsistency in the system if invalid token addresses are allowed, potentially causing issues with token transfers or balance calculations.
Possible financial losses for users interacting with offers that have invalid token addresses.
Manual Review
To address this vulnerability, it is crucial to implement proper validation for the tokenAddress parameter before it is used within the createOffer function.
Zero Address Check: Ensure that the tokenAddress is not the zero address (address(0)):
add this validation to the check within the function
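One way to write the checks described above, as an added example that is not code from the Tadle repository. The error names, the TokenAddressCheck library, the example contract and the admin-managed allowlist are all assumptions made for illustration; the sketch goes one step beyond the zero-address check to cover the "valid token contract" case as well.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

// Added illustration; not code from the Tadle repository.
// Error names, the library name and the allowlist are assumptions.
error ZeroTokenAddress();
error TokenNotContract(address token);
error TokenNotAllowed(address token);

library TokenAddressCheck {
    /// Reverts unless `token` is non-zero and has deployed code.
    function requireContract(address token) internal view {
        if (token == address(0)) revert ZeroTokenAddress();
        // An EOA or an undeployed address has no code; a low-level call
        // to such an address can report success without moving anything.
        if (token.code.length == 0) revert TokenNotContract(token);
    }
}

contract OfferTokenValidationExample {
    // Hypothetical allowlist maintained by an admin.
    mapping(address => bool) public allowedTokens;
    address public immutable admin;

    constructor() {
        admin = msg.sender;
    }

    function setAllowed(address token, bool allowed) external {
        require(msg.sender == admin, "not admin");
        TokenAddressCheck.requireContract(token);
        allowedTokens[token] = allowed;
    }

    /// Stand-in for the first lines of createOffer: validate the token
    /// before any collateral transfer is attempted.
    function validateOfferToken(address tokenAddress) public view {
        TokenAddressCheck.requireContract(tokenAddress);
        // Having code does not make a contract a well-behaved ERC20, so
        // malicious tokens are excluded with an allowlist, not a probe.
        if (!allowedTokens[tokenAddress]) revert TokenNotAllowed(tokenAddress);
    }
}
```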