Platform: Code4rena
Start Date: 16/12/2022
Pot Size: $60,500 USDC
Total HM: 12
Participants: 58
Period: 5 days
Judge: Trust
Total Solo HM: 4
Id: 196
League: ETH
Rank: 32/58
Findings: 1
Award: $43.54
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: yixxas
Also found by: 0x52, 0xAgro, 0xSmartContract, 0xhacksmithh, Aymen0909, Bnke0x0, Bobface, Breeje, Diana, Franfran, HE1M, HollaDieWaldfee, IllIllI, Jeiwan, RaymondFam, Rolezn, SaharDevep, Secureverse, SmartSek, ak1, bin2chen, brgltd, chrisdior4, gz627, imare, ladboy233, lukris02, oyc_109, rvierdiiev, shark, tnevler, unforgiven, wait
43.5439 USDC - $43.54
Same signature can be used in other chains if the project is launched in other chains. Signature replay attack.
Nonce and chain id are not used. As per the EIP 712 recommendation, they need to be included in signature-based transactions.
Manual review
Follow EIP 712 standards. Include domain separator. Include nonce. Include chain id.
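The mitigation recommended above, as an added sketch (not code from the audited project or from this submission). The contract name, message type and fields are hypothetical; the domain separator binds each signature to one chain and one deployment, and the per-signer nonce makes it single-use.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Hypothetical contract and message type, constructed for illustration.
contract ReplaySafeVerifier {
    bytes32 private constant DOMAIN_TYPEHASH = keccak256(
        "EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"
    );
    bytes32 private constant MESSAGE_TYPEHASH = keccak256(
        "Message(address signer,uint256 value,uint256 nonce)"
    );

    // Next unused nonce per signer.
    mapping(address => uint256) public nonces;

    event Accepted(address indexed signer, uint256 value, uint256 nonce);

    // Computed on every call so the separator follows block.chainid after a fork.
    function domainSeparator() public view returns (bytes32) {
        return keccak256(abi.encode(
            DOMAIN_TYPEHASH,
            keccak256(bytes("ReplaySafeVerifier")),
            keccak256(bytes("1")),
            block.chainid,   // binds the signature to one chain
            address(this)    // binds the signature to one deployment
        ));
    }

    // EIP-712 digest: "\x19\x01" || domainSeparator || hashStruct(message).
    function digest(address signer, uint256 value, uint256 nonce)
        public view returns (bytes32)
    {
        bytes32 structHash = keccak256(abi.encode(MESSAGE_TYPEHASH, signer, value, nonce));
        return keccak256(abi.encodePacked("\x19\x01", domainSeparator(), structHash));
    }

    function consume(address signer, uint256 value, uint8 v, bytes32 r, bytes32 s) external {
        uint256 nonce = nonces[signer];
        address recovered = ecrecover(digest(signer, value, nonce), v, r, s);
        require(recovered != address(0) && recovered == signer, "bad signature");
        nonces[signer] = nonce + 1; // the same signature is rejected on a second call
        emit Accepted(signer, value, nonce);
    }
}
```

A signature produced for this contract on one chain yields a different digest on any other chain id or contract address, so `ecrecover` returns a different address there and the `require` fails.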
#0 - c4-judge
2022-12-25T17:04:54Z
trust1995 marked the issue as duplicate of #143
#1 - c4-judge
2022-12-25T17:04:58Z
trust1995 marked the issue as satisfactory
#2 - iFrostizz
2022-12-27T20:44:54Z
Dup of Low-2: https://github.com/code-423n4/2022-12-backed-findings/issues/268 but as always will advise with judge's decision
#3 - c4-judge
2023-01-04T09:11:02Z
trust1995 changed the severity to QA (Quality Assurance)
#4 - aktech297
2023-01-07T06:08:55Z
The issue is pretty straightforward and does not require much explanation. I am not sure why it is not qualified as a medium one. I have seen this kind of issue treated as medium rather than QA. By marking this as QA, are we not taking attention away from issues that could cause considerable impact to the protocol in the long run?
#5 - trust1995
2023-01-08T10:14:25Z
Quality is not high enough and impact is not sufficient considering hypotheticals, for Med.
#6 - c4-judge
2023-01-08T10:14:34Z
trust1995 marked the issue as grade-b
#7 - wilsoncusack
2023-01-18T15:19:11Z
Hey guys, I think this was a dup to other ones: since we are using oracle messages we do not care about replay attacks