Permanent Whitelisting in PrelaunchPoints Contract Poses Security Risks
howlbot-integration opened this issue · 4 comments
Lines of code
Vulnerability details
Impact
The inability to set isTokenAllowed to false means that once a token is whitelisted, it cannot be removed. This presents several risks, e.g., if a whitelisted token is found to have vulnerabilities or is compromised, it cannot be removed, potentially endangering the assets locked in the contract, and the contract cannot respond to issues with whitelisted tokens, such as hacks.
Proof of Concept
The contract lacks a function to update the isTokenAllowed mapping to false. The only related function, allowToken, can set a token's status to true but not the opposite.
Tools Used
Manual
Recommended Mitigation Steps
+ function allowToken(address _token, bool _allowed) external onlyAuthorized {
+ isTokenAllowed[_token] = _allowed;
}
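Review bot: the assignment `isTokenAllowed[_token] = _allowed;` on the second added line lets the authorized caller delist a token that users have already locked, with no check on existing deposits and no event for the status change. Since the report itself says a delisted token becomes reachable through recoverERC20, add a guard (for example, refuse `_allowed == false` while the contract still holds user deposits of `_token`) and emit an event carrying the token and the new flag. The closing brace carries no `+` marker and the existing one-argument signature is not shown as removed, so the hunk should include the `-` line it replaces.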
This way, function allowToken can be used to both whitelist and delist tokens. Note: this is only suggested because it's said the admin is trusted, as this could be used by the admin to withdraw funds from the contract via function recoverERC20.
Assessed type
Other
This poses a security risk in case of a malicious owner, since disallowed tokens can be withdrawn by the owner.
koolexcrypto marked the issue as unsatisfactory:
Invalid
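The trade-off raised in the report's note and in the first comment (a two-way allowToken makes delisted tokens reachable through recoverERC20) can be removed by bounding recovery with deposit accounting instead of the whitelist flag. The contract below is an added sketch, not the PrelaunchPoints source: it assumes recoverERC20 in the original gates on isTokenAllowed, as the report implies, and the names DelistableLock, IERC20Min, totalLocked, lockedOf, lock and withdraw are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Added illustration, not the PrelaunchPoints source. Only isTokenAllowed,
// allowToken and recoverERC20 come from the report; other names are hypothetical.
// Assumes tokens that return bool and take no fee on transfer.
interface IERC20Min {
    function balanceOf(address) external view returns (uint256);
    function transfer(address, uint256) external returns (bool);
    function transferFrom(address, address, uint256) external returns (bool);
}

contract DelistableLock {
    address public immutable owner;
    mapping(address => bool) public isTokenAllowed;
    mapping(address => uint256) public totalLocked; // user deposits per token
    mapping(address => mapping(address => uint256)) public lockedOf;
    error NotAuthorized();
    error TokenNotAllowed();
    error ExceedsSurplus();

    modifier onlyAuthorized() {
        if (msg.sender != owner) revert NotAuthorized();
        _;
    }
    constructor() { owner = msg.sender; }

    // Two-way setter, as recommended in the report.
    function allowToken(address _token, bool _allowed) external onlyAuthorized {
        isTokenAllowed[_token] = _allowed;
    }
    // New deposits require a listed token.
    function lock(address _token, uint256 _amount) external {
        if (!isTokenAllowed[_token]) revert TokenNotAllowed();
        lockedOf[msg.sender][_token] += _amount;
        totalLocked[_token] += _amount;
        require(IERC20Min(_token).transferFrom(msg.sender, address(this), _amount));
    }
    // Users can always exit, whether or not the token is still listed.
    function withdraw(address _token, uint256 _amount) external {
        lockedOf[msg.sender][_token] -= _amount; // reverts on underflow
        totalLocked[_token] -= _amount;
        require(IERC20Min(_token).transfer(msg.sender, _amount));
    }
    // Recovery is capped at the balance above tracked deposits, so flipping
    // isTokenAllowed to false never exposes user funds to the owner.
    function recoverERC20(address _token, uint256 _amount) external onlyAuthorized {
        uint256 surplus = IERC20Min(_token).balanceOf(address(this)) - totalLocked[_token];
        if (_amount > surplus) revert ExceedsSurplus();
        require(IERC20Min(_token).transfer(owner, _amount));
    }
}
```

With this shape, delisting only blocks new deposits of a token; existing depositors keep their exit path and the owner can sweep nothing beyond stray transfers.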