Platform: Code4rena
Start Date: 11/01/2023
Pot Size: $60,500 USDC
Total HM: 6
Participants: 69
Period: 6 days
Judge: Trust
Total Solo HM: 2
Id: 204
League: ETH
Rank: 27/69
Findings: 1
Award: $137.62
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: AkshaySrivastav
Also found by: 0xjuicer, Bauer, Tajobin, adriro, csanuragjain, gzeon, immeas, rbserver
137.6239 USDC - $137.62
https://github.com/code-423n4/2023-01-ondo/blob/main/contracts/cash/kyc/KYCRegistry.sol#L79-L112 https://github.com/code-423n4/2023-01-ondo/blob/main/contracts/cash/kyc/KYCRegistry.sol#L175
A user that should be removed from the KYC list can be added back to the KYCed list using addKYCAddressViaSignature() until the signature expires.
addKYCAddressViaSignature()removeKYCAddressesaddKYCAddressViaSignature(), the address will be added back to the whitelistManual review
I recommend adding a storing and checking for used signatures to prevent them from being reused. It's also lacking a mechanism to revoke not used signatures.
#0 - trust1995
2023-01-22T15:58:56Z
Very short but good enough since covered the key details and fix would work although not ideal.
#1 - c4-judge
2023-01-22T15:59:06Z
trust1995 marked the issue as duplicate of #187
#2 - c4-judge
2023-01-22T15:59:38Z
trust1995 marked the issue as satisfactory
#3 - c4-judge
2023-02-01T07:53:49Z
trust1995 marked the issue as partial-50