Tadle

DeFiFoundry
27,750 USDC
Submission Details
Severity: low
Invalid

Incorrect `SettleAskMaker` and `SettleAskTaker` event emission with contract owner as `authority`

Summary

The `DeliveryPlace::settleAskMaker()` function allows either the `offerInfo.authority` or the contract owner to initiate the settlement process. However, when the contract owner calls this function, the event `SettleAskMaker` is incorrectly emitted with the owner's address as the `_authority`. This results in inaccurate event logs.

The SettleAskTaker event has the same issue.

Vulnerability Details

The caller of `DeliveryPlace::settleAskMaker()` can be either `offerInfo.authority` or the owner of the contract:

File: DeliveryPlace.sol

```solidity
if (status == MarketPlaceStatus.AskSettling) {
    if (_msgSender() != offerInfo.authority) {
        revert Errors.Unauthorized();
    }
} else {
    if (_msgSender() != owner()) { // <-- highlighted: the owner is an accepted caller here
        revert Errors.Unauthorized();
    }
```

However, when the contract owner calls the function, the `SettleAskMaker` event is emitted with `_msgSender()` (the owner) as the `_authority`, even though `_authority` should ideally represent the original authority tied to the offer.

File: DeliveryPlace.sol

```solidity
emit SettleAskMaker(
    makerInfo.marketPlace,
    offerInfo.maker,
    _offer,
    _msgSender(), // <-- highlighted: the caller is emitted as _authority
    _settledPoints,
    settledPointTokenAmount,
    makerRefundAmount
);
```

The SettleAskMaker event:

File: IDeliveryPlace.sol

```solidity
event SettleAskMaker(
    address indexed _marketPlace,
    address indexed _maker,
    address indexed _offer,
    address _authority, // <-- highlighted
    uint256 _settledPoints,
    uint256 _settledPointTokenAmount,
    uint256 _makerRefundAmount
);
```

Impact

Inaccurate `SettleAskMaker` and `SettleAskTaker` events are emitted, which could make the event log misleading.
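
How a log consumer can interpret the `_authority` field under the behaviour described above, as an added example that is not part of the submission or the Tadle code base: it decodes a `SettleAskMaker` log using the declaration quoted earlier and labels the emitter as the offer's authority or the contract owner. The helper names are hypothetical, the consumer is assumed to read the offer's authority and the owner from contract state, and all addresses and values are constructed.

```python
# Added example: decode a SettleAskMaker log and label who triggered it.
# Layout per the declaration quoted above: three indexed addresses in
# topics[1..3]; _authority and three uint256 values ABI-encoded in data.
WORD = 32

def _unhex(s):
    return bytes.fromhex(s[2:] if s.startswith("0x") else s)

def _addr(word):
    """An address sits in the low 20 bytes of a zero-padded 32-byte word."""
    if len(word) != WORD or any(word[:12]):
        raise ValueError("not a left-padded address word")
    return "0x" + word[12:].hex()

def decode_settle_ask_maker(topics, data):
    """topics[0] is the event signature hash; it is not verified here."""
    if len(topics) != 4:
        raise ValueError("expected signature topic plus 3 indexed fields")
    raw = _unhex(data)
    if len(raw) != 4 * WORD:
        raise ValueError("expected 4 ABI words in data")
    w = [raw[i:i + WORD] for i in range(0, len(raw), WORD)]
    market, maker, offer = (_addr(_unhex(t)) for t in topics[1:])
    return {
        "marketPlace": market, "maker": maker, "offer": offer,
        "authority": _addr(w[0]),
        "settledPoints": int.from_bytes(w[1], "big"),
        "settledPointTokenAmount": int.from_bytes(w[2], "big"),
        "makerRefundAmount": int.from_bytes(w[3], "big"),
    }

def settled_by(event, offer_authority, owner):
    """The emitted _authority carries _msgSender(); say which role that is."""
    sender = event["authority"].lower()
    if sender == offer_authority.lower():
        return "offer-authority"
    if sender == owner.lower():
        return "owner"
    return "unexpected"

# Constructed sample values, not real on-chain data.
def _word(n):
    return n.to_bytes(WORD, "big").hex()

OWNER, AUTHORITY = "0x" + "aa" * 20, "0x" + "bb" * 20
SAMPLE_TOPICS = ["0x" + "00" * 32] + ["0x" + _word(n) for n in (0x11, 0x22, 0x33)]
SAMPLE_DATA = "0x" + _word(int(OWNER, 16)) + _word(0) + _word(0) + _word(500)
SAMPLE_EVENT = decode_settle_ask_maker(SAMPLE_TOPICS, SAMPLE_DATA)
```
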

Tools Used

vscode

Recommendations

emit SettleAskMaker(
makerInfo.marketPlace,
offerInfo.maker,
_offer,
- _msgSender(),
+ offerInfo.authority,
_settledPoints,
settledPointTokenAmount,
makerRefundAmount
);
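
Review bot: Replacing `_msgSender()` with `offerInfo.authority` in the fourth argument of `SettleAskMaker` removes the only record of who actually called the function. The access check quoted earlier lets the contract owner settle when the status is not `AskSettling`, so after this change an owner-initiated settlement would be logged as if the offer's authority had acted. If the offer's authority is wanted in the log, consider keeping `_msgSender()` and adding the authority as a separate event field, or renaming the parameter in `IDeliveryPlace.sol` so that its meaning (caller versus offer authority) is explicit.
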
emit SettleAskTaker(
makerInfo.marketPlace,
offerInfo.maker,
_stock,
stockInfo.preOffer,
- _msgSender(),
+ offerInfo.authority,
_settledPoints,
settledPointTokenAmount,
collateralFee
);
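
Review bot: The substitution at the fifth argument of `SettleAskTaker` is not backed by anything quoted in the report: neither the event's declaration nor the caller check of the function that emits it is shown, so it cannot be confirmed that this position is meant to hold the offer's authority or that the caller can differ from it. Quote both before applying the change. This event is keyed on `_stock` and `stockInfo.preOffer`, so also confirm that `offerInfo.authority` is the intended value for this field.
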

Updates

Lead Judging Commences
0xnevi, Lead Judge, about 1 year ago

Submission Judgement Published
0xnevi, Lead Judge, about 1 year ago
Invalidated
Reason: Incorrect statement
