Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: medium
Valid

Token validation isn't done in `Treasury.sol::deposit()`.

Summary

Code snippet of `Treasury.sol::deposit()`:

```solidity
function deposit(address token, uint256 amount) external override nonReentrant {
    if (token == address(0)) revert InvalidAddress();
    if (amount == 0) revert InvalidAmount();
    // Any non-zero address passes the check above: there is no allowlist lookup,
    // so an arbitrary contract can be supplied as `token`.
    IERC20(token).transferFrom(msg.sender, address(this), amount);
    // Accounting trusts the caller-supplied `amount`; nothing confirms what was actually received.
    _balances[token] += amount;
    _totalValue += amount;
    emit Deposited(token, amount);
}
```
  • The `token` address is never checked against an allowlist; any non-zero address is accepted.

  • An attacker can deploy a worthless token, call `deposit()` with it, and inflate `_totalValue` to an arbitrarily high number.

  • This creates a discrepancy between the treasury's actual holdings and its internal accounting (`_balances[token]` and `_totalValue`).

  • Any token-related action that relies on these values (depositing, withdrawing) can then operate on incorrect amounts.

Vulnerability Details

Same as above

Impact

A mismatch between the treasury contract's actual token balances and its internal accounting can cause many flaws in token inflow and outflow operations.

Tools Used

Manual

Recommendations

Add a check (for example a `require` against an owner-managed allowlist of supported tokens) so that `deposit()` rejects any token the treasury does not recognise.
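As an added illustration (not the project's code and not part of the original submission), here is a minimal treasury that applies the recommendation above: deposits are accepted only for tokens on an owner-managed allowlist, and the accounting credits the amount actually received rather than the caller-supplied value. It is written against OpenZeppelin v5; the contract name, `setTokenAllowed`, `allowedTokens`, `TokenAllowed` and the custom errors not present in the original snippet are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";

/// Hypothetical treasury used to demonstrate the fix. It is not the project's
/// Treasury.sol; only `deposit`, `_balances`, `_totalValue`, `Deposited`,
/// `InvalidAddress` and `InvalidAmount` come from the reported snippet.
contract AllowlistedTreasury is Ownable, ReentrancyGuard {
    using SafeERC20 for IERC20;

    error InvalidAddress();
    error InvalidAmount();
    error TokenNotAllowed(address token);
    error NothingReceived();

    event Deposited(address indexed token, uint256 amount);
    event TokenAllowed(address indexed token, bool allowed);

    // Assumed: owner-managed allowlist of tokens the protocol has reviewed.
    mapping(address => bool) public allowedTokens;
    mapping(address => uint256) private _balances;
    uint256 private _totalValue;

    constructor() Ownable(msg.sender) {}

    /// Only tokens explicitly approved by the owner can be deposited.
    function setTokenAllowed(address token, bool allowed) external onlyOwner {
        if (token == address(0)) revert InvalidAddress();
        allowedTokens[token] = allowed;
        emit TokenAllowed(token, allowed);
    }

    function deposit(address token, uint256 amount) external nonReentrant {
        if (token == address(0)) revert InvalidAddress();
        if (amount == 0) revert InvalidAmount();
        // The check the finding asks for: an arbitrary contract can no longer
        // be passed as `token` to inflate `_totalValue`.
        if (!allowedTokens[token]) revert TokenNotAllowed(token);

        // Credit what actually arrived instead of trusting `amount`. This keeps
        // `_balances` in step with real holdings even for fee-on-transfer
        // tokens, one of the cases the judge's note mentions.
        IERC20 erc20 = IERC20(token);
        uint256 before = erc20.balanceOf(address(this));
        erc20.safeTransferFrom(msg.sender, address(this), amount);
        uint256 received = erc20.balanceOf(address(this)) - before;
        if (received == 0) revert NothingReceived();

        _balances[token] += received;
        _totalValue += received;
        emit Deposited(token, received);
    }

    function balanceOf(address token) external view returns (uint256) {
        return _balances[token];
    }

    function totalValue() external view returns (uint256) {
        return _totalValue;
    }
}
```

`safeTransferFrom` also covers tokens that return `false` instead of reverting, which the bare `transferFrom` in the original would silently accept. Note that `_totalValue` here still sums raw token units across allowlisted tokens, so the different-decimals concern raised by the judge would need a separate normalisation step; the allowlist at least ensures only reviewed tokens reach that sum.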

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Treasury::deposit increments _totalValue regardless of the token, be it malicious, different decimals, FoT, etc.
