Canto Application Specific Dollars and Bonding Curves for 1155s - shenwilly's results

Tokenizable bonding curves using a Stablecoin-as-a-Service token

General Information

Platform: Code4rena

Start Date: 13/11/2023

Pot Size: $24,500 USDC

Total HM: 3

Participants: 120

Period: 4 days

Judge: 0xTheC0der

Id: 306

League: ETH

Canto

Findings Distribution

Researcher Performance

Rank: 78/120

Findings: 1

Award: $4.08

QA: grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

Awards

4.0797 USDC - $4.08

Labels

bug
downgraded by judge
grade-b
QA (Quality Assurance)
duplicate-124
Q-37

External Links

Lines of code

https://github.com/code-423n4/2023-11-canto/blob/335930cd53cf9a137504a57f1215be52c6d67cb3/1155tech-contracts/src/Market.sol#L120

Vulnerability details

Impact

The current implementation may prevent users from creating new shares, leading to frustration and potentially harming the app's reputation.

Vulnerability Details

When creating a new share via Market.createNewShare, there is a check to ensure that the shareName is unique: Market.sol#L120

function createNewShare(
    string memory _shareName,
    address _bondingCurve,
    string memory _metadataURI
) external onlyShareCreator returns (uint256 id) {
    ...
    require(shareIDs[_shareName] == 0, "Share already exists");
    ...
}

A malicious party could observe the mempool and frontrun createNewShare transactions, causing them to revert. This effectively blocks the user from registering new shares in the app.

While this issue wouldn't be a problem initially as creators are whitelisted, this could be problematic as the app opens to the public.

Proof of Concept

  • Alice monitors the mempool for any createNewShare tx.
  • Alice frontruns these transactions with the same parameters, thus reverting the original transactions while securing the share name for herself.
  • This blocks other users from creating their shares.

Reconsider the necessity of unique shareName values. If on-chain uniqueness is important, implement strategies to counteract frontrunning, such as imposing a small fee or employing a commit-reveal process during share creation.

Assessed type

DoS
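
A minimal sketch of the commit-reveal process suggested in the finding above, added here as an illustration and not taken from the Canto 1155tech contracts. The contract name ShareNameRegistry, commit(), commitmentFor(), the salt parameter and the MIN_DELAY value are hypothetical, and the bonding curve, metadata URI and onlyShareCreator parts of the original function are left out to keep the focus on name registration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration; not the Canto 1155tech Market contract.
// ShareNameRegistry, commit(), commitmentFor(), MIN_DELAY and the salt are hypothetical.
contract ShareNameRegistry {
    // Blocks that must pass between commit and reveal (assumed value). Without a delay,
    // someone who sees a reveal in the mempool could commit and reveal ahead of it at once.
    uint256 public constant MIN_DELAY = 2;

    uint256 public shareCount;
    mapping(string => uint256) public shareIDs;
    // creator => commitment => block number at which the commitment was recorded
    mapping(address => mapping(bytes32 => uint256)) public commitBlock;

    // Value to pass to commit(). Call it off-chain (eth_call) so the name never hits the mempool.
    function commitmentFor(address creator, string memory shareName, bytes32 salt)
        public pure returns (bytes32)
    {
        return keccak256(abi.encode(creator, shareName, salt));
    }

    // Step 1: publish only the hash. Observers learn neither the name nor the salt.
    function commit(bytes32 commitment) external {
        require(commitBlock[msg.sender][commitment] == 0, "Already committed");
        commitBlock[msg.sender][commitment] = block.number;
    }

    // Step 2: reveal. The hash covers msg.sender, so the same name and salt sent
    // from another address match no stored commitment and the call reverts.
    function createNewShare(string memory _shareName, bytes32 _salt) external returns (uint256 id) {
        bytes32 commitment = commitmentFor(msg.sender, _shareName, _salt);
        uint256 committedAt = commitBlock[msg.sender][commitment];
        require(committedAt != 0, "No commitment");
        require(block.number >= committedAt + MIN_DELAY, "Reveal too early");
        require(shareIDs[_shareName] == 0, "Share already exists");

        delete commitBlock[msg.sender][commitment]; // each commitment is single-use
        id = ++shareCount;
        shareIDs[_shareName] = id;
    }
}
```

The uniqueness check from Market.sol#L120 is kept, so two creators who independently commit to the same name are still resolved first-come, first-served at reveal time; what changes is that the name is not visible before the reveal.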

#0 - c4-pre-sort

2023-11-18T16:28:58Z

minhquanym marked the issue as duplicate of #124

#1 - c4-judge

2023-11-29T00:41:47Z

MarioPoneder changed the severity to QA (Quality Assurance)

#2 - c4-judge

2023-11-29T22:46:42Z

MarioPoneder marked the issue as grade-b
