Platform: Code4rena
Start Date: 19/01/2024
Pot Size: $36,500 USDC
Total HM: 9
Participants: 113
Period: 3 days
Judge: 0xsomeone
Id: 322
League: ETH
Rank: 81/113
Findings: 1
Award: $0.12
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: NPCsCorp
Also found by: 0x11singh99, 0xAadi, 0xBugSlayer, 0xE1, 0xPluto, 0xSimeon, 0xSmartContract, 0xabhay, 0xdice91, 0xprinc, Aamir, Aymen0909, CDSecurity, DadeKuma, DarkTower, EV_om, Eeyore, GeekyLumberjack, GhK3Ndf, Giorgio, Greed, Inference, JanuaryPersimmon2024, Kaysoft, Krace, Matue, MrPotatoMagic, NentoR, Nikki, PUSH0, Soliditors, Tendency, Tigerfrake, Timeless, Timenov, ZanyBonzy, ZdravkoHr, abiih, adeolu, al88nsk, azanux, bareli, boredpukar, cu5t0mpeo, d4r3d3v1l, darksnow, deth, dutra, ether_sky, haxatron, ke1caM, kodyvim, m4ttm, mgf15, mrudenko, nmirchev8, nobody2018, nuthan2x, peanuts, piyushshukla, ravikiranweb3, rouhsamad, seraviz, simplor, slylandro_star, stealth, th13vn, vnavascues, wangxx2026, zaevlad
0.1172 USDC - $0.12
An attacker could change the router in this Token to another router, allowing them to mint tokens for themselves. Consequently, the DecentEthRouter would not be able to add liquidity, or users would be unable to withdraw their tokens.
1. Get the address of the Token DcntEth.
2. Set the address of a new router.
3. Mint new tokens for a user.
4. Set the address of the old router.
5. Withdraw the amount that was minted.
function testRouter() public {
    assertEq(router, dcntEth.router());
    dcntEth.setRouter(router2);
    console2.log("router is", router);
    // check the router
    assertEq(router2, dcntEth.router());
}
Foundry
Only an admin should be able to set the router for DcntEth. Add the onlyOwner modifier to the setRouter function:
function setRouter(address _router) public onlyOwner
Access Control
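A Foundry regression test for the mitigation above, added here as an example and not taken from the report or the audited code base. RouterGatedToken is a hypothetical, simplified stand-in for DcntEth that models only the owner and router checks; the custom errors, the router-gated mint and the test addresses are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

// Hypothetical stand-in for DcntEth: only the access-control surface is modelled.
contract RouterGatedToken {
    address public owner;
    address public router;
    mapping(address => uint256) public balanceOf;

    error NotOwner();
    error NotRouter();

    modifier onlyOwner() { if (msg.sender != owner) revert NotOwner(); _; }
    modifier onlyRouter() { if (msg.sender != router) revert NotRouter(); _; }

    constructor() { owner = msg.sender; }

    // Mitigated form: only the owner may replace the router.
    function setRouter(address _router) public onlyOwner { router = _router; }

    // Assumed to be router-gated, as the impact described in the report implies.
    function mint(address to, uint256 amount) public onlyRouter { balanceOf[to] += amount; }
}

contract SetRouterAccessTest is Test {
    RouterGatedToken token;
    address constant ROUTER = address(0xA11CE);   // constructed test address
    address constant OUTSIDER = address(0xBEEF);  // constructed test address

    function setUp() public {
        token = new RouterGatedToken(); // the test contract becomes the owner
        token.setRouter(ROUTER);
    }

    function testNonOwnerCannotSetRouter() public {
        vm.prank(OUTSIDER);
        vm.expectRevert(RouterGatedToken.NotOwner.selector);
        token.setRouter(OUTSIDER);
        assertEq(token.router(), ROUTER); // router is unchanged
    }

    function testNonRouterCannotMint() public {
        vm.prank(OUTSIDER);
        vm.expectRevert(RouterGatedToken.NotRouter.selector);
        token.mint(OUTSIDER, 1 ether);
        assertEq(token.balanceOf(OUTSIDER), 0); // nothing was minted
    }
}
```

Removing onlyOwner from setRouter in the stand-in makes testNonOwnerCannotSetRouter fail, which is the behaviour the report's testRouter demonstrates.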
#0 - c4-pre-sort
2024-01-25T20:29:48Z
raymondfam marked the issue as sufficient quality report
#1 - c4-pre-sort
2024-01-25T20:29:54Z
raymondfam marked the issue as duplicate of #14
#2 - c4-judge
2024-02-03T13:08:23Z
alex-ppg marked the issue as satisfactory