The `approve` function in `CapitalPool.sol` lacks access control, allowing any user to call it and approve tokens. This contradicts the function's comment, which states that it should only be callable by the token manager. This vulnerability can lead to unauthorized approvals and potential misuse of tokens.
Location: CapitalPool.sol::approve
The `approve` function is intended to be called only by the token manager to approve tokens. However, the function does not enforce any access control, enabling any user to call it and approve tokens for the token manager.
The function lacks access control mechanisms to restrict its execution to the token manager. As a result, any user can call this function and approve tokens, potentially leading to unauthorized token transfers and other malicious activities.
This vulnerability allows any user to call the `approve` function and approve tokens for the token manager. This can lead to unauthorized token approvals, resulting in potential loss or misuse of tokens.
Manual code review
Implement Access Control: Add access control to the `approve` function to ensure that only the token manager can call it.
This is at most low severity. Even though giving max approvals shouldn't be permissionless, the respective tokenManager address is retrieved from the TadleFactory contract whereby the trusted guardian role is responsible for deploying such contracts as seen [here](https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/factory/TadleFactory.sol#L68). Since the user still has to go through the PreMarkets/DeliveryPlace contracts to perform market actions, this max approval cannot be exploited.