A malicious subprotocol can register a name that looks the same as any other protocol.
Users may use the malicious subprotocol because they can’t distinguish the names, and be cheated out of subprotocolFee.
Any subprotocol can be registered with any name in SubprotocolRegistry.sol#register().
Suppose a popular subprotocol named “CidExt”.
A malicious user can register malicious subprotocols with names: “CidExt”, “CidExt”, “CIDEXT”, “cidext”, etc.
If users looks up a list of subprotocols on a navigation page, it is difficult to find the correct “CidExt” subprotocol among the similar names.
These malicious subrotocols may allow any user to call CidNFT.sol#add() with it successfully, without having to own the subprotocol NFT in advance.
As a result, if a user select a malicious subprotocol, he will be cheated of the protocol fee when calling CidNFT.sol#add().
Manual
I recommend limiting the character set for subprotocol name, at least disable blank chars(whitespace, tabs) and be case-insensitive.
The text was updated successfully, but these errors were encountered:
All reactions