sui_vulnerable_vault

I will update this project in the future. Now, we have to co...

[H1] Improper access control in withdraw at SemifungibleVault.sol

Lines of code Vulnerability details Impact Anyone can withdraw on behalf of approved user Proof of Concept Function withdraw at SemifungibleVault.sol has incorrect access control. As the owner is passed as a parameter anyone can call withdraw to a approved receiver. function withdraw uint256 id,...

Users can lose funds because It's possible to call withdraw() in Vault without call to endEpoch() by Controller.triggerEndEpoch(),

Lines of code Vulnerability details Impact users shouldn't be allowed to withdraw their funds before epoch settling down, and code should check that endEpoch has been called before allowing withdraw for that epoch. but right now withdraw only checks that epoch has been ended and this would happen...

Inactive skipped assets can be drained from the index

Lines of code Vulnerability details Impact If an index has any inactive assets with the role SKIPPEDASSETROLE, a user can repeatedly deposit and withdraw assets, always getting the skipped asset without having to deposit any Proof of Concept During minting, any asset that has the 'skipped' role i...