Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
code423n4Code4renaCODE423N4:2022-01-LIVEPEER-FINDINGS-ISSUES-165
HistoryJan 19, 2022 - 12:00 a.m.

Admin can rug L2 Escrow tokens leading to reputation risk

2022-01-1900:00:00
Code4rena
github.com
6
JSON

Handle

harleythedog

Vulnerability details

Impact

The L1Escrow contract has the function approve that is callable by the admin to approve an arbitrary spender with an arbitrary amount (so they can steal all of the escrowโ€™s holdings if they want). Even if the admin is well intended, the contract can still be called out which would degrade the reputation of the protocol (e.g. see here: <https://twitter.com/RugDocIO/status/1411732108029181960&gt;). LPT is valuable on the Ethereum mainnet, so this rug vector should be mitigated. It would be best to restrict this functionโ€™s power by only allowing approvals to other trusted protocol contracts (like L1LPTGateway, which I believe uses the escrowโ€™s approval).

NOTE: Even if the admin is under a timelock, this is still an issue, as users have to wait a whole week to withdraw from L2 -> L1 due to the dispute period.

Proof of Concept

See the approve function here: <https://github.com/livepeer/arbitrum-lpt-bridge/blob/ebf68d11879c2798c5ec0735411b08d0bea4f287/contracts/L1/escrow/L1Escrow.sol#L21&gt;

Tools Used

Inspection.

Recommended Mitigation Steps

Restrict the power of this approve function so that the admin isnโ€™t able to steal funds. This can be accomplished by only allowing approvals to other protocol functions (instead of arbitrary approvals).

The text was updated successfully, but these errors were encountered:

All reactions

JSON