Lucene search

HistoryJul 15, 2022 - 12:00 a.m.

Implementation does not exist


Lines of code fd36ce96b46943026cb2dfcb76dfa3f884f51c18/Marketplace/MarketPlace.sol#L156

Vulnerability details


ZcToken.withdraw and ZcToken.redeem will be reverted.

#Proof of Concept

In ZcToken.withdraw and ZcToken.redeem, it calls redeemer.authRedeem. redeemer can be MarketPlace here. But MarketPlace.authRedeem calls ISwivel(swivel).authRedeem.

<; fd36ce96b46943026cb2dfcb76dfa3f884f51c18/Marketplace/MarketPlace.sol#L156

And authRedeem function is not defined in Swivel contract. So withdraw and redeem of ZcToken will be reverted.

Tools Used


Recommended Mitigation Steps

Change authRedeem to authRedeemZcToken in MarketPlace.

  function authRedeem(uint8 p, address u, uint256 m, address f, address t, uint256 a) public authorized(markets[p][u][m].zcToken) returns (uint256 underlyingAmount) {
    Market memory market = markets[p][u][m];
    // if the market has not matured, mature it...
    if (market.maturityRate == 0) {
      if (!matureMarket(p, u, m)) { revert Exception(30, 0, 0, address(0), address(0)); }

      if (!IZcToken(market.zcToken).burn(f, a)) { revert Exception(29, 0, 0, address(0), address(0)); }

-      ISwivel(swivel).authRedeem(p, u, market.cTokenAddr, t, a);
+      ISwivel(swivel).authRedeemZcToken(p, u, market.cTokenAddr, t, a);

      return (a);
    } else {

      if (!IZcToken(market.zcToken).burn(f, a)) { revert Exception(29, 0, 0, address(0), address(0)); }

      uint256 amount = calculateReturn(p, u, m, a);
-      ISwivel(swivel).authRedeem(p, u, market.cTokenAddr, t, amount);
+      ISwivel(swivel).authRedeemZcToken(p, u, market.cTokenAddr, t, amount);

      return (amount);

The text was updated successfully, but these errors were encountered:

All reactions