Lybra Finance - mladenov's results

A protocol building the first interest-bearing omnichain stablecoin backed by LSD.

General Information

Platform: Code4rena

Start Date: 23/06/2023

Pot Size: $60,500 USDC

Total HM: 31

Participants: 132

Period: 10 days

Judge: 0xean

Total Solo HM: 10

Id: 254

League: ETH

Lybra Finance

Findings Distribution

Researcher Performance

Rank: 105/132

Findings: 1

Award: $18.42

🌟 Selected for report: 0

🚀 Solo Findings: 0

Awards

18.4208 USDC - $18.42

Labels

bug
3 (High Risk)
satisfactory
upgraded by judge
duplicate-704

External Links

Lines of code

https://github.com/code-423n4/2023-06-lybra/blob/main/contracts/lybra/configuration/LybraConfigurator.sol#L85
https://github.com/code-423n4/2023-06-lybra/blob/main/contracts/lybra/configuration/LybraConfigurator.sol#L90

Vulnerability details

Impact

Anyone can execute functions guarded by the checkRole and onlyRole modifiers, because the modifiers never check the result of the role lookup (there is no require statement).

The checkRole and onlyRole modifiers always let the function body run, regardless of what GovernanceTimelock.checkRole and GovernanceTimelock.checkOnlyRole return. A modifier must revert when the check returns false, so that only accounts holding the required role can execute the guarded functions. As written, every function in LybraConfigurator that relies on these modifiers is effectively unprotected.

Proof of Concept

LybraConfigurator.sol

https://github.com/code-423n4/2023-06-lybra/blob/main/contracts/lybra/configuration/LybraConfigurator.sol#L85
https://github.com/code-423n4/2023-06-lybra/blob/main/contracts/lybra/configuration/LybraConfigurator.sol#L90

GovernanceTimelock.sol

https://github.com/code-423n4/2023-06-lybra/blob/main/contracts/lybra/governance/GovernanceTimelock.sol#L25
https://github.com/code-423n4/2023-06-lybra/blob/main/contracts/lybra/governance/GovernanceTimelock.sol#L29

GovernanceTimelock.checkOnlyRole and GovernanceTimelock.checkRole return a boolean, but the modifiers in LybraConfigurator never check that the returned value is true; the call result is simply discarded and execution continues to the function body.

modifier onlyRole(bytes32 role) {
    // missing require statement here
    GovernanceTimelock.checkOnlyRole(role, msg.sender);
    _;
}

modifier checkRole(bytes32 role) {
    // missing require statement here
    GovernanceTimelock.checkRole(role, msg.sender);
    _;
}

Tools Used

Manual review, Remix IDE

Recommended Mitigation Steps

Wrap the calls in a require statement so that the modifiers revert unless checkRole and checkOnlyRole return true:

modifier onlyRole(bytes32 role) {
    require(GovernanceTimelock.checkOnlyRole(role, msg.sender), "Configurator: caller does not hold role");
    _;
}

modifier checkRole(bytes32 role) {
    require(GovernanceTimelock.checkRole(role, msg.sender), "Configurator: caller is not authorized");
    _;
}
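The following self-contained Solidity file is an added example illustrating the finding and the fix; it is not code from the Lybra repository. MockGovernanceTimelock, its assumed rule that the DAO address passes any checkRole query, the ADMIN role, and the setMintFee function are all hypothetical stand-ins chosen for the demonstration. Only the checkRole/checkRole pair is shown; the onlyRole/checkOnlyRole pair has exactly the same shape and the same fix. The contract names VulnerableConfigurator and FixedConfigurator differ only in whether the modifier acts on the returned bool.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Stand-in for the GovernanceTimelock role registry (assumed semantics, not Lybra's
// code). The important property is the return type: checkRole reports the outcome
// as a bool and never reverts, so every caller must act on the result itself.
contract MockGovernanceTimelock {
    bytes32 public constant DAO = keccak256("DAO");
    mapping(bytes32 => mapping(address => bool)) private roles;

    constructor(address dao) {
        roles[DAO][dao] = true;
    }

    // Assumption for this example: the DAO address passes any role check.
    function checkRole(bytes32 role, address sender) external view returns (bool) {
        return roles[role][sender] || roles[DAO][sender];
    }
}

interface IConfigurator {
    function setMintFee(uint256 fee) external;
}

// Vulnerable pattern (mirrors the finding): the bool is discarded, the modifier
// never reverts, and any caller reaches the function body.
contract VulnerableConfigurator is IConfigurator {
    bytes32 public constant ADMIN = keccak256("ADMIN");
    MockGovernanceTimelock public immutable GovernanceTimelock;
    uint256 public mintFee;

    constructor(MockGovernanceTimelock timelock) {
        GovernanceTimelock = timelock;
    }

    modifier checkRole(bytes32 role) {
        GovernanceTimelock.checkRole(role, msg.sender); // result silently dropped
        _;
    }

    function setMintFee(uint256 fee) external checkRole(ADMIN) {
        mintFee = fee;
    }
}

// Fixed pattern: require on the returned bool, so a caller without the role reverts.
contract FixedConfigurator is IConfigurator {
    bytes32 public constant ADMIN = keccak256("ADMIN");
    MockGovernanceTimelock public immutable GovernanceTimelock;
    uint256 public mintFee;

    constructor(MockGovernanceTimelock timelock) {
        GovernanceTimelock = timelock;
    }

    modifier checkRole(bytes32 role) {
        require(GovernanceTimelock.checkRole(role, msg.sender), "Configurator: caller lacks role");
        _;
    }

    function setMintFee(uint256 fee) external checkRole(ADMIN) {
        mintFee = fee;
    }
}

// Caller that holds no role at all; reports whether the privileged call went through.
contract Attacker {
    function trySetFee(IConfigurator target, uint256 fee) external returns (bool accepted) {
        try target.setMintFee(fee) {
            accepted = true;
        } catch {
            accepted = false;
        }
    }
}

// Deploy Demo and call run(): it wires everything up with itself as the DAO, lets the
// role-less Attacker hit both configurators, then exercises the legitimate DAO path
// on the fixed contract to show the require does not block authorised callers.
contract Demo {
    function run()
        external
        returns (bool vulnerableAccepted, uint256 vulnerableFee, bool fixedAccepted, uint256 fixedFee)
    {
        MockGovernanceTimelock timelock = new MockGovernanceTimelock(address(this));
        VulnerableConfigurator vulnerable = new VulnerableConfigurator(timelock);
        FixedConfigurator fixedCfg = new FixedConfigurator(timelock);
        Attacker attacker = new Attacker();

        vulnerableAccepted = attacker.trySetFee(vulnerable, 9999);
        vulnerableFee = vulnerable.mintFee();

        fixedAccepted = attacker.trySetFee(fixedCfg, 9999);
        fixedCfg.setMintFee(42); // Demo is the DAO, so this call must go through
        fixedFee = fixedCfg.mintFee();
    }
}
```

Deploying Demo in Remix and calling run() shows the two patterns side by side: the Attacker contract, which holds no role, has its setMintFee call accepted by VulnerableConfigurator and rewrites the fee, while the same call is rejected by FixedConfigurator; the final DAO call confirms the require only blocks callers the role check fails. In a real review the quick check for this class of bug is to look at every external call whose return type is bool and confirm the caller either requires it or forwards it; static tools such as Slither flag this as unused-return.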

Assessed type

Access Control

#0 - c4-pre-sort

2023-07-09T13:33:59Z

JeffCX marked the issue as duplicate of #704

#1 - c4-judge

2023-07-28T15:24:08Z

0xean marked the issue as satisfactory

#2 - c4-judge

2023-07-28T15:24:24Z

0xean changed the severity to 3 (High Risk)

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built by malatrax © 2024
