Tadle
Tadle
DeFiFoundry
27,750 USDC
View results
Previous Next
Submission Details
Severity: high
Invalid

Token Whitelisting Changes Will Cause Settlement Reverts

namx05

Summary

If a user calls functions such as listOffer, createOffer, or createTaker, which result in token transfers to capitalPoolAddr, and subsequently, the token used in these transactions is removed from the whitelist by an admin, the settleAskMaker and settleAskTaker functions will revert. This occurs because the tokens used in these transactions will no longer be recognized as valid by the tillIn function, which requires whitelisted tokens.

Vulnerability Details

The settleAskMaker function, which processes settlements for offers made by sellers (makers), and the settleAskTaker function, which handles settlements for offers accepted by buyers (takers), both rely on the tillIn function to validate the whitelisted status of tokens before proceeding. The relevant code snippet for settleAskMaker is:

function settleAskMaker(address _offer, uint256 _settledPoints) external {
...
uint256 settledPointTokenAmount = marketPlaceInfo.tokenPerPoint * _settledPoints;
ITokenManager tokenManager = tadleFactory.getTokenManager();
if (settledPointTokenAmount > 0) {
tokenManager.tillIn(
_msgSender(),
marketPlaceInfo.tokenAddress,
settledPointTokenAmount,
true
);
}
...
}

The tillIn function, as provided earlier, checks whether the token being deposited is whitelisted. If the token is not in the whitelist, the function reverts:

function tillIn(
address _accountAddress,
address _tokenAddress,
uint256 _amount,
bool _isPointToken
) external payable '
onlyRelatedContracts(tadleFactory, _msgSender())
@> onlyInTokenWhiteList(_isPointToken, _tokenAddress) {
...
}

When the token is removed from the whitelist, the subsequent calls to settleAskMaker or settleAskTaker, which involve the token, will fail because the tillIn function will revert upon detecting that the token is no longer whitelisted.

Impact

If the token used in previous transactions is removed from the whitelist, the settleAskMaker and settleAskTaker functions will revert, preventing successful settlement of offers. This results in potential transaction failures and loss of funds or points, as the contracts will be unable to complete the settlement process.

Tools Used

Manual

Recommendations

To mitigate this issue, ensure that token whitelisting changes are managed carefully and consider implementing mechanisms to handle or transition tokens that are removed from the whitelist. One approach could be:

  • to implement a grace period or a separate function that handles token transitions to avoid disrupting ongoing transactions.

  • Additionally, consider adding checks or notifications to alert users of whitelist changes that might affect their transactions.

Updates

Lead Judging Commences

0xnevi Lead Judge
about 1 year ago
0xnevi Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Known issue

Appeal created

namx05 Submitter
about 1 year ago
0xnevi Lead Judge
about 1 year ago
namx05 Submitter
about 1 year ago
0xnevi Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Known issue

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.