Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
code423n4Code4renaCODE423N4:2022-03-JOYN-FINDINGS-ISSUES-126
HistoryApr 01, 2022 - 12:00 a.m.

A large platformFee (>10000), would cause underflow during sendToSplitter (at RoyaltyVault.sol)

2022-04-0100:00:00
Code4rena
github.com
5
JSON

Lines of code
<https://github.com/code-423n4/2022-03-joyn/blob/c9297ccd925ebb2c44dbc6eaa3effd8db5d2368a/royalty-vault/contracts/RoyaltyVault.sol#L40-L41&gt;

Vulnerability details

Impact

(at RoyaltyVault.sol)
Presently platformFee, does not have a upper limit and can be set to any value through setPlatformFee function. If the value is set beyond 10,000 it would cause an underflow during split share calculation at sendToSplitter function.

Proof of Concept

  1. <https://github.com/code-423n4/2022-03-joyn/blob/c9297ccd925ebb2c44dbc6eaa3effd8db5d2368a/royalty-vault/contracts/RoyaltyVault.sol#L67-L68&gt;

  2. <https://github.com/code-423n4/2022-03-joyn/blob/c9297ccd925ebb2c44dbc6eaa3effd8db5d2368a/royalty-vault/contracts/RoyaltyVault.sol#L40-L41&gt;

Tools Used

Manual review

Recommended Mitigation Steps

  • Decide on a maximum limit to platformFee (%)
  • Validate that with a require statement at setPlatformFee function

The text was updated successfully, but these errors were encountered:

All reactions

JSON