Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PA1D: Recipient can grief payouts #200

Closed
code423n4 opened this issue Oct 24, 2022 · 2 comments
Closed

PA1D: Recipient can grief payouts #200

code423n4 opened this issue Oct 24, 2022 · 2 comments
Labels
bug Something isn't working grade-c QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax

Comments

@code423n4
Copy link
Contributor

Lines of code

https://github.com/code-423n4/2022-10-holograph/blob/24bc4d8dfeb6e4328d2c6291d20553b1d3eff00b/src/enforcer/PA1D.sol#L297

Vulnerability details

Impact

_payoutEth iterates over all recipient addresses and calls transfer on them. Because of that, one single recipient can cause the whole payout to fail (either by reverting in the fallback function or by using too much gas).

Note that the same problem theoretically also exists for _payoutToken, although to a lesser extent, because letting ERC20 transfers revert on purpose is harder as a recipient. However, when ERC777 tokens are used it is possible (with the hook) and for some ERC20 tokens it can also happen without the involvement of the user (e.g., the USDC blacklist). The USDC blacklist could potentially be even used by other persons that are not even a recipient to let all payments fail: When it is possible to get a recipient on the blacklist (e.g., by sending him ETH from Tornado Cash), all USDC payouts will fail.

Proof Of Concept

Let's say one recipient receives a very small share (e.g., 1%) of the payouts and is not happy with that. Therefore, he decides to blackmail the other recipients. He does so by creating a contract that reverts in the fallback function if it is configured to do so. The loss for the individual recipient is very small (1%), but the other 99% of the other recipients are also stuck as long as this contract exists.

Recommended Mitigation Steps

Accumulate the share for each recipient and let them retrieve the ETH, i.e. a pull pattern instead of the current push one (see also https://fravoll.github.io/solidity-patterns/pull_over_push.html for more details).
@code423n4 code423n4 added 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working labels Oct 24, 2022
code423n4 added a commit that referenced this issue Oct 24, 2022
@code423n4
Lambda issue #200
cfdded2
@gzeoneth gzeoneth added the duplicate This issue or pull request already exists label Oct 28, 2022
@gzeoneth
Copy link
Member

Duplicate of #33

@gzeoneth gzeoneth marked this as a duplicate of #33 Oct 28, 2022
@gzeoneth gzeoneth added QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax and removed 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value labels Nov 21, 2022
@gzeoneth
Copy link
Member

As QA report

@gzeoneth gzeoneth reopened this Nov 21, 2022
@gzeoneth gzeoneth removed the duplicate This issue or pull request already exists label Nov 21, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working grade-c QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@code423n4 @CloudEllie @gzeoneth