Flow
Sablier
FoundryDeFi
20,000 USDC
View results
Previous Next
Submission Details
Severity: high
Invalid

Missing Authorization check in `_update` function

brene

Summary

The _update function lacks a check to confirm that the caller (auth) is authorized to update the stream. This could allow unauthorized parties to transfer or update streams, potentially leading to unauthorized access and loss of control over user assets.

Vulnerability Details

The _update function is an internal function that is used to update the recipient or other details of a stream. However, it does not verify if the caller (auth) is authorized to make this update. Specifically, there is no check to confirm that auth is either the stream owner, an approved operator, or otherwise authorized to perform the update.

function _update(
address to,
uint256 streamId,
address auth
)
internal
override
updateMetadata(streamId)
returns (address)
{
address from = _ownerOf(streamId);
if (from != address(0) && !_streams[streamId].isTransferable) {
revert Errors.SablierFlowBase_NotTransferable(streamId);
}
return super._update(to, streamId, auth);
}

Impact

Without an authorization check, the _update function could allow unauthorized parties to transfer ownership of streams or make changes to streams they do not control. This could lead to loss of control over user assets, unauthorized transfers, or misallocation of resources, all of which undermine the security and trust of the protocol.

Tools Used

Manual Review

Recommendations

Add an authorization check to confirm that auth is the stream’s recipient, an approved operator, or the owner of the stream. This ensures only authorized parties can initiate updates

Updates

Lead Judging Commences

inallhonesty Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.