Canto Identity Subprotocols contest - Emmanuel's results

Subprotocols for Canto Identity Protocol.

General Information

Platform: Code4rena

Start Date: 17/03/2023

Pot Size: $36,500 USDC

Total HM: 10

Participants: 98

Period: 3 days

Judge: leastwood

Total Solo HM: 5

Id: 223

League: ETH

Canto Identity Subprotocols

Findings Distribution

Researcher Performance

Rank: 11/98

Findings: 1

Award: $401.03

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest Page Github Contest Repository Github Findings Repository Canto Identity Subprotocols

Findings Information

🌟 Selected for report: volodya

Also found by: Emmanuel, IgorZuk, Rappie, adriro, dec3ntraliz3d, descharre, igingu, m9800

Labels

bug

3 (High Risk)

satisfactory

duplicate-117

Awards

401.0269 USDC - $401.03

External Links

Link to GitHub issue

Lines of code

https://github.com/code-423n4/2023-03-canto-identity/blob/main/canto-namespace-protocol/src/Namespace.sol#L144

Vulnerability details

Impact

The fuse function only allows creation of emoji typed characters due to this line in the fuse function: bytes memory charAsBytes = Utils.characterToUnicodeBytes(0, tileData.characterIndex, characterModifier);, which only accepts a _fontClass of 0 as the first parameter. This prevents creation of Names with alphanumeric character.

Proof of Concept

function testFusingOfNonEmojis() public {
        uint256 tid = buyOnePrelaunch(false);
        Namespace.CharacterData[] memory list = new Namespace.CharacterData[](
            1
        );
        list[0] = Namespace.CharacterData(tid, 0, 0);
        ns.fuse(list);
        string memory nametoregister=tokenToName(1)
        console.log(nametoregister); //always logs an emoji
    }

Tools Used

VSCode

Recommended Mitigation Steps

Use bytes memory charAsBytes = Utils.characterToUnicodeBytes(tileData.fontClass, tileData.characterIndex, characterModifier); instead of bytes memory charAsBytes = Utils.characterToUnicodeBytes(0, tileData.characterIndex, characterModifier); in the fuse function

#0 - c4-judge
2023-03-28T21:58:44Z

0xleastwood marked the issue as duplicate of #117

#1 - c4-judge
2023-04-11T19:28:24Z

0xleastwood marked the issue as satisfactory

Canto Identity Subprotocols contest - Emmanuel's results

Subprotocols for Canto Identity Protocol.

General Information

Findings Distribution

Researcher Performance

External Links

[H-01] Fuse function only allows creation of emoji typed characters, and does not allow creation of other font classes like text. - $401.03

Findings Information

Labels

Awards

External Links

Lines of code

Vulnerability details

Impact

Proof of Concept

Tools Used

Recommended Mitigation Steps

#0 - c4-judge2023-03-28T21:58:44Z

#1 - c4-judge2023-04-11T19:28:24Z

#0 - c4-judge
2023-03-28T21:58:44Z

#1 - c4-judge
2023-04-11T19:28:24Z