QA Report #610

code423n4 · 2022-07-14T19:31:27Z

Title: Insufficient Input Validation

Impact

Proof of Concept

Check if “_id” exist or not
Check if “_amount” is greater than zero
https://github.com/code-423n4/2022-07-fractional/blob/e2c5a962a94106f9495eb96769d7f60f7d5b14c9/src/FERC1155.sol#L56

Check if “_id” exist or not
Check if “_amount” is greater than zero
https://github.com/code-423n4/2022-07-fractional/blob/e2c5a962a94106f9495eb96769d7f60f7d5b14c9/src/FERC1155.sol#L79

Check _operator not to be zero
Check if “_id” exist or not
https://github.com/code-423n4/2022-07-fractional/blob/e2c5a962a94106f9495eb96769d7f60f7d5b14c9/src/FERC1155.sol#L186

Check _salePrice to be greater than zero
https://github.com/code-423n4/2022-07-fractional/blob/e2c5a962a94106f9495eb96769d7f60f7d5b14c9/src/FERC1155.sol#L241

Tools Used

Manual

Recommended Mitigation Steps

add input validation specifically to external functions

==================================================================
Title: Two-step change of privileged roles

Impact

In a single-step change, if the current admin accidentally changes the new admin to a zero-address or an incorrect address (where the private keys are not available), the system is left without an operational admin and will have to be redeployed.

Proof of Concept

https://github.com/code-423n4/2022-07-fractional/blob/e2c5a962a94106f9495eb96769d7f60f7d5b14c9/src/FERC1155.sol#L229
https://github.com/code-423n4/2022-07-fractional/blob/8f2697ae727c60c93ea47276f8fa128369abfe51/src/Vault.sol#L93

Tools Used

Manual

Recommended Mitigation Steps

When privileged roles are being changed, it is recommended to follow a two-step approach: 1) The current privileged role proposes a new address for the change 2) The newly proposed address then claims the privileged role in a separate transaction. This two-step change allows accidental proposals to be corrected instead of leaving the system operationally with no/malicious privileged role.

Title: missing check for transfer’s return value

Impact

Should return a boolean. Several tokens do not return a boolean on these functions. As a result, their calls in the contract might fail.

Proof of Concept

See here
https://github.com/crytic/building-secure-contracts/blob/master/development-guidelines/token_integration.md#erc-conformity
code
https://github.com/code-423n4/2022-07-fractional/blob/8f2697ae727c60c93ea47276f8fa128369abfe51/src/references/TransferReference.sol#L22

Tools Used

Manual

Recommended Mitigation Steps

Use require

Title: Missing zero address check

Impact

The functions should first check the address.

Proof of Concept

Tools Used

Manual

Recommended Mitigation Steps

Check zero address

code423n4 added bug Warden finding QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax labels Jul 14, 2022

code423n4 added a commit that referenced this issue Jul 14, 2022

aysha issue #610

b5a1e39

stevennevins added the sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue label Jul 28, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

QA Report #610

QA Report #610

code423n4 commented Jul 14, 2022

QA Report #610

QA Report #610

Comments

code423n4 commented Jul 14, 2022

Impact

Proof of Concept

Tools Used

Recommended Mitigation Steps

Impact

Proof of Concept

Tools Used

Recommended Mitigation Steps

Impact

Proof of Concept

Tools Used

Recommended Mitigation Steps

Use require

Impact

Proof of Concept

Tools Used

Recommended Mitigation Steps