Dria

Swan
NFT, Hardhat
21,000 USDC
Submission Details
Severity: medium
Invalid

Lack of Validation in `setParameters` Function of `LLMOracleManager`

Summary

The LLMOracleManager contract, responsible for configuring task settings within an LLM Oracle system, includes a setParameters function that allows updating minimum and maximum bounds for critical parameters, such as difficulty, numGenerations, and numValidations. However, this function lacks validation to ensure that the minimumParameters do not exceed the maximumParameters. This oversight creates a risk where misconfigured parameter bounds could cause functions relying on parameter range checks to fail, ultimately disrupting system functionality.

Vulnerability Details

The setParameters function allows the contract owner to set both minimum and maximum values for various task parameters encapsulated in LLMOracleTaskParameters. This function, however, does not check if the values in minimumParameters are indeed less than or equal to the corresponding values in maximumParameters.

If minimumParameters are set higher than maximumParameters, the parameter bounds become invalid. For example, setting minimumParameters.difficulty = 5 and maximumParameters.difficulty = 3 would mean no difficulty value could satisfy both conditions, as no number exists between 5 and 3.

Many functions rely on the onlyValidParameters modifier to check that task parameters are within valid bounds. Without consistent minimum-maximum bounds, calls to these functions would revert, preventing the contract from processing legitimate tasks and leading to a permanent DoS.

Because this configuration inconsistency does not manifest until a function requiring valid bounds is called, the contract’s owner may unintentionally misconfigure the contract without realizing the problem immediately.

Impact

Any function that uses the onlyValidParameters modifier, including critical functions that perform calculations, fees, and task validations, will revert if minimumParameters are misconfigured to be greater than maximumParameters. This could cause a DoS and disrupt the contract’s operation, affecting users relying on this functionality.

Since misconfiguration errors are not caught in setParameters, these issues are only identified when subsequent calls revert. Users may encounter unexpected reverts with wasted gas costs until the issue is manually corrected by the owner.

Tools Used

Manual Review

Recommendations

To mitigate this vulnerability, add validation in the setParameters function to ensure that each value in minimumParameters is less than the corresponding value in maximumParameters.

```solidity
function setParameters(LLMOracleTaskParameters calldata minimums, LLMOracleTaskParameters calldata maximums)
    public
    onlyOwner
{
    // Reject any field whose minimum is equal to or greater than its maximum
    if (
        minimums.difficulty >= maximums.difficulty ||
        minimums.numGenerations >= maximums.numGenerations ||
        minimums.numValidations >= maximums.numValidations
    ) {
        revert("InvalidParameterRange: Minimums cannot be equal to or exceed maximums");
    }
    minimumParameters = minimums;
    maximumParameters = maximums;
}
```
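
An off-chain pre-flight check an owner could run before calling setParameters, added here as an example; it is not code from the submission or from the Dria project. The field names come from the report, while the inclusive [min, max] rule used to model onlyValidParameters and all sample values are assumptions. It also shows that the `>=` comparison recommended above rejects a field pinned to a single value (minimum equal to maximum), a configuration that still admits valid tasks.

```javascript
// Added example: off-chain pre-flight check for setParameters bounds.
// Field names come from the report; the inclusive range rule that models
// onlyValidParameters is an assumption (the modifier is not shown on the page).
const FIELDS = ["difficulty", "numGenerations", "numValidations"];

// Fields whose bounds admit no value at all (minimum above maximum).
function invertedFields(minimums, maximums) {
  return FIELDS.filter((f) => BigInt(minimums[f]) > BigInt(maximums[f]));
}

// Fields the report's recommended on-chain check (>=) would reject.
function rejectedByStrictCheck(minimums, maximums) {
  return FIELDS.filter((f) => BigInt(minimums[f]) >= BigInt(maximums[f]));
}

// Model of the range check: every field must lie within [min, max].
function isValidTask(params, minimums, maximums) {
  return FIELDS.every((f) => {
    const v = BigInt(params[f]);
    return v >= BigInt(minimums[f]) && v <= BigInt(maximums[f]);
  });
}

// Count the parameter sets that pass; 0n means every guarded call reverts.
function acceptedCount(minimums, maximums) {
  return FIELDS.reduce((n, f) => {
    const span = BigInt(maximums[f]) - BigInt(minimums[f]) + 1n;
    return span > 0n ? n * span : 0n;
  }, 1n);
}

// Constructed sample values, not taken from the deployed contract.
const goodMin = { difficulty: 1, numGenerations: 1, numValidations: 0 };
const goodMax = { difficulty: 10, numGenerations: 5, numValidations: 5 };
const badMin = { ...goodMin, difficulty: 5 }; // the report's 5 > 3 case
const badMax = { ...goodMax, difficulty: 3 };
const pinnedMax = { ...goodMax, numGenerations: 1 }; // min == max for one field

console.log("inverted fields:", invertedFields(badMin, badMax));
console.log("accepted parameter sets:", acceptedCount(badMin, badMax));
console.log("rejected by >= check:", rejectedByStrictCheck(goodMin, pinnedMax));
console.log("accepted with pinned field:", acceptedCount(goodMin, pinnedMax));
```
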
Updates

Lead Judging Commences

inallhonesty Lead Judge 12 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
