5 matches found
If a label for a domain gets locked once, the domain will never be able to be claimed in DNSRegistrar.sol, since there's no method to unlock a label
Lines of code Vulnerability details Proof of Concept When claiming a domain in DNSRegistrar.sol either through proveAndClaim or proveAndClaimWithResolver, the internal function enableNode will be called. The snippet bellow shows that when owner == address0 or owner == previousRegistrar and...
DNSRegistrar does not support domain trees which is key functionality for DNS
Lines of code Vulnerability details Description In DNS it is exceedingly common to have paths such as a.b.c or a.b.c.d. However, the DNSRegistrar fails to support it. enableNode verifies the parent domain is a valid public suffix. function enableNodebytes memory domain public returns bytes32 node...
Anyone can call enableNode and set a node resolver
Lines of code Vulnerability details Impact The lack of access control allows anyone to call the enableNode function and set the ENS resolver to the resolver set in DNSRegistrar if it has not been set before, or it belongs to the previous registrar set on the contract. This results in any unset no...
Claiming of domains will likely be locked due to a bad check in _enableNode
Lines of code Vulnerability details Description DNS name claims all go through claim which calls enableNode, which calls enableNode. Nodes are enabled recursively, from the root downwards.The following check occurs in enableNode: node = keccak256abi.encodePackedparentNode, label; address owner =...
proveAndClaim and proveAndClaimWithResolver can be front-run to claim the same name by a malicious user
Lines of code Vulnerability details Impact In the DNSRegistrar contract, the proveAndClaim and proveAndClaimWithResolver functions are used to claim a name. And this name is not encrypted. This can create a race condition because once this name is claimed, it cannot be claimed by other users. In...