Decent - CDSecurity's results

Lines of code

https://github.com/decentxyz/decent-bridge/blob/7f90fd4489551b69c20d11eeecb17a3f564afb18/src/DcntEth.sol#L20

Vulnerability details

Impact

DcnthETh is an Omnichain Fungible Token (OFTV2) that is used for the DecentEthRouter. The OFTV2 tokens usually comply with the ERC20 standard but have extended functionality to be transferred across multiple blockchains without asset wrapping, middlechains, or liquidity pools.

Looking at the DcntETH contract, the tokens can be minted and burned either by the router or by the owner. The mint and burn functions have a onlyRouter modifier which restricts who can call the function:

    modifier onlyRouter() {
        require(msg.sender == router);
        _;
    }

    function mint(address _to, uint256 _amount) public onlyRouter {
        _mint(_to, _amount);
    }

    function burn(address _from, uint256 _amount) public onlyRouter {
        _burn(_from, _amount);
    }

However, the public setRouter function can be called by anyone and any address can be passed:

   function setRouter(address _router) public {
        router = _router;
    }

This means that any user can pass his own address and mint and burn any amount of tokens to/from anyone.

Proof of Concept

1. User A calls setRouter with his own address as an input parameter.
2. Now User A can call mint and pass _to address and any _amount of tokens and the call will succeed.
3. The same applies and to the burn function meaning User A can burn all of the tokens from any address as the _from parameter is user-supplied.

Tools Used

Manual Review

Recommended Mitigation Steps

Add an onlyOwner modifier to the setRouter function.

Assessed type

Access Control

Lines of code

https://github.com/code-423n4/2024-01-decent/blob/011f62059f3a0b1f3577c8ccd1140f0cf3e7bb29/src/UTB.sol#L311-L319

Vulnerability details

Impact

Users can bypass any fees that should be paid to the protocol as mentioned in the project's documentation:

The Box charges 0.00044 ETH on Arbitrum, Base, Zora, Optimism, Avalanche, Moonbeam, and Fantom, 0.00077 ETH on Ethereum, and 0.81 MATIC on Polygon for transactions that require a bridge or a swap. There are no fees on direct transactions.

The swapAndExecute method has the retrieveAndCollectFees modifier, which takes care of transferring the fees to the FeeCollector. Then, the private _swapAndExecute function is called which takes care of the swap logic.

However, the private _swapAndExecute is called within the receiveFromBridge function which is public and callable by anybody:

    function receiveFromBridge(
        SwapInstructions memory postBridge,
        address target,
        address paymentOperator,
        bytes memory payload,
        address payable refund
    ) public {
        _swapAndExecute(postBridge, target, paymentOperator, payload, refund);
    }

It takes the same input parameters which are forwarded in the external swapAndExecute. This means that any user can just call receiveFromBridge and achieve the same outcome without paying any fees because there is no access control or the retrieveAndCollectFees modifier. This will lead to a significant loss of funds for the project as the likelihood is very high.

Tools Used

Manual Review

Recommended Mitigation Steps

The receiveFromBridge is designed to handle the logic when funds are received from the bridge adapter. Consider adding appropriate access control and place a modifier which allows only adapters to call the function.

Assessed type

Access Control