Project

One World
NFTDeFi
15,000 USDC
Submission Details
Severity: low
Invalid

Users can create a DAO that will not match the template: "tierIndex 0 (Tier 1 in website) is at the highest level, tierIndex 6 (Tier 7 in website) is lowest."

Summary

Throughout MembershipERC1155 it is assumed that the DAOConfig::TierConfig[] array holds its entries in a fixed order (index 0 1 2 3 4 5 6 = Tier 1 2 3 4 5 6 7).

Users can create a DAO that will not match the template: "tierIndex 0 (Tier 1 in website) is at the highest level, tierIndex 6 (Tier 7 in website) is lowest."

Vulnerability Details

The description of the createNewDAOMembership function does not specify that the tierConfigs parameter must correspond to a certain order.

    /// @notice Creates a new DAO membership
    /// @param daoConfig The configuration for the DAO
    /// @param tierConfigs The configurations for the tiers
    /// @return The address of the newly created Membership ERC1155 proxy contract
    function createNewDAOMembership(DAOInputConfig calldata daoConfig, TierConfig[] calldata tierConfigs)
        external
        returns (address)
    {...}

The function only checks that each tier starts with nothing minted; it does not validate the order of the tierConfigs array before storing it:

    for (uint256 i = 0; i < tierConfigs.length; i++) {
        require(tierConfigs[i].minted == 0, "Invalid tier config");
        dao.tiers.push(tierConfigs[i]);
    }

The same issue affects the MembershipFactory::updateDAOMembership function, which accepts a replacement tierConfigs array without checking its order either.

Impact

DAOs with disordered tiers can confuse and cause issues for users or third-party integrations.

Tools Used

Manual review

Recommendations

Consider validating the order of TierConfig[] in both createNewDAOMembership and updateDAOMembership (reverting on a disordered array), or sorting it on the way in so that index 0 is always the highest tier.
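One way to implement such a check, as an added example that is not code from the One World project or from the submitter: the finding only shows that TierConfig has a `minted` field and says nothing about which field ranks a tier, so the `price` field, the TierConfig struct layout, the contract name and the `createTiers` function below are all assumptions standing in for the real ones. The loop mirrors the one quoted above and adds a strict "higher tier before lower tier" requirement.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example, not the project's code. TierConfig is an assumed layout:
/// only `minted` is known from the finding; `price` is a hypothetical
/// stand-in for whatever field actually ranks a tier in the real contract.
contract TierOrderExample {
    struct TierConfig {
        uint256 price;  // hypothetical: higher price = higher tier
        uint256 minted; // known field; must be 0 when a DAO is created
    }

    /// The template the finding describes: seven tiers, index 0 highest.
    uint256 public constant MAX_TIERS = 7;

    TierConfig[] public tiers;

    /// @notice Reverts unless tierConfigs is strictly descending by rank,
    ///         so index 0 is always the highest tier and the last index the lowest.
    function validateTierOrder(TierConfig[] calldata tierConfigs) public pure {
        require(tierConfigs.length > 0 && tierConfigs.length <= MAX_TIERS, "Invalid tier count");
        for (uint256 i = 1; i < tierConfigs.length; i++) {
            // Strict inequality also rejects two tiers with the same rank,
            // which would otherwise be ambiguous for integrators.
            require(
                tierConfigs[i - 1].price > tierConfigs[i].price,
                "Tiers must be ordered from highest to lowest"
            );
        }
    }

    /// @notice Hardened version of the quoted loop: the ordering check runs
    ///         before any tier is stored, so a disordered array never lands
    ///         in storage. The same call belongs in the update path.
    function createTiers(TierConfig[] calldata tierConfigs) external {
        require(tiers.length == 0, "Already configured");
        validateTierOrder(tierConfigs);
        for (uint256 i = 0; i < tierConfigs.length; i++) {
            require(tierConfigs[i].minted == 0, "Invalid tier config");
            tiers.push(tierConfigs[i]);
        }
    }

    function tierCount() external view returns (uint256) {
        return tiers.length;
    }
}
```

Calling `createTiers` with a `price` sequence such as `[700, 600, 500]` succeeds, while `[500, 600, 700]` or `[700, 700, 500]` reverts before anything is written. Validating up front rather than sorting keeps the caller's intent explicit: a silently re-sorted array could still surprise a front end that assumed its own submission order.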

Updates

Lead Judging Commences

0xbrivan2 Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
