Submission Details
Impact:
Likelihood:
Signer Other Than Owner Unable to Propose Transaction
Signer Other Than Owner Unable to Propose Transaction
Description
Based on README protocol, all Signer should be able to propose transaction. However inside the protocol, only owner hold power to propose transaction.
function proposeTransaction(address to, uint256 value, bytes calldata data)
external
nonReentrant
noneZeroAddress(to)
onlyOwner // <@ onlyOwner has access to propose transaction
returns (uint256)
{
return _proposeTransaction(to, value, data);
}
Impact
High – As the protocol are designed that all signer (not only owner) should able to proposed, confirm, revoke and execute transaction. But the real implementation is only owner able to propose transaction.
Proof of Concepts
Add this function into the existing unit test
Run the function with forge test --match-test testProposedTransactionForNonOwner -vvvv
function testProposeTransactionForNonOwner() public grantSigningRoles {
vm.prank(SIGNER_TWO);
vm.expectRevert();
multiSigTimelock.proposeTransaction(SPENDER_ONE, OWNER_BALANCE_ONE, hex"");
}
Recommended mitigation
Change the logic function to grant the access for all signer
function proposeTransaction(address to, uint256 value, bytes calldata data)
external
nonReentrant
noneZeroAddress(to)
- onlyOwner
+ onlyRole(SIGNING_ROLE)
returns (uint256)
{
return _proposeTransaction(to, value, data);
}
Updates
Rewards breakdown
nSLOC
205This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.