Lucene search

K
code423n4Code4renaCODE423N4:2023-09-VENUS-FINDINGS-ISSUES-598
HistoryOct 04, 2023 - 12:00 a.m.

Potential Fund Compromise via Malicious Token Insertion

2023-10-0400:00:00
Code4rena
github.com
4
vulnerability
scam token
sweeptoken function

7 High

AI Score

Confidence

Low

Lines of code

Vulnerability details

Impact

Since any token can be sent to the PrimeLiquidityProvider contract there is a great chance of an attacker sending a scam token with some legit value in it to lure the owner making him sweep those tokens and by doing so compromising the whole contract’s funds.

Proof of Concept

The PrimeLiquidityProvider contract has a sweepToken function only accessed by the owner for the purpose of rescuing any tokens sent to it, the problem is that there is no check for the reliability of this token being swept. This malicious token could indeed have some value to it like being a meme coin for example but with a shady smart contract doing other things like using the caller to compromise the whole contract.

Tools Used

Manual

Recommended Mitigation Steps

Maybe adding a whitelist of trusted tokens could help mitigate this, but other than that making the contract call any other contract without a whitelist is pretty dangerous to the contract funds.

Assessed type

Invalid Validation


The text was updated successfully, but these errors were encountered:

All reactions

7 High

AI Score

Confidence

Low