This repository has been archived by the owner on May 26, 2023. It is now read-only.
github-actionsbot opened this issue Feb 21, 2023 · 0 comments
Labels
Duplicate: A valid issue that is a duplicate of an issue with `Has Duplicates` label
Medium: A valid Medium severity issue
Reward: A payout will be made for this issue
HollaDieWaldfee
medium
Attacker can fund bounty contract with multiple worthless ERC20 such that TOKEN_ADDRESS_LIMIT is reached
Summary
A bounty contract can only be funded with a certain number of different ERC20 tokens that are not in the `DepositManagerV1`'s whitelist. The `DepositManagerV1` contract checks whether this number has been reached:
https://github.com/sherlock-audit/2023-02-openq/blob/main/contracts/DepositManager/Implementations/DepositManagerV1.sol#L36-L50
This can be exploited.
Vulnerability Detail
When the bounty is created, the attacker can fund the bounty contract with so many different worthless ERC20 tokens that the limit is reached and no additional ERC20 tokens can be deposited.
Impact
The attacker can DoS the funding functionality by using up the ERC20 token limit with useless tokens.
Code Snippet
https://github.com/sherlock-audit/2023-02-openq/blob/main/contracts/DepositManager/Implementations/DepositManagerV1.sol#L36-L50
Tool used
Manual Review
Recommendation
The bounty issuer should be able to specify a list of tokens that can be used for funding.
Duplicate of #530
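The limit check and the recommended issuer-specified token list, side by side in a minimal Solidity sketch. This is an added example, not OpenQ's code: every name except `TOKEN_ADDRESS_LIMIT` is hypothetical, and the limit value of 5 is constructed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;
// Added illustration, not OpenQ code. Every name except TOKEN_ADDRESS_LIMIT is hypothetical.
interface IERC20Like {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

abstract contract BountySketch {
    uint256 public constant TOKEN_ADDRESS_LIMIT = 5; // constructed value for the example
    mapping(address => bool) public whitelisted;     // stands in for the deposit manager's whitelist
    mapping(address => bool) public counted;         // non-whitelisted tokens already holding a slot
    uint256 public slotsUsed;
    constructor(address[] memory whitelist) {
        for (uint256 i = 0; i < whitelist.length; i++) whitelisted[whitelist[i]] = true;
    }

    // Hook deciding which tokens this bounty takes at all.
    function _accepted(address token) internal view virtual returns (bool);
    function fund(address token, uint256 amount) external {
        require(_accepted(token), "TOKEN_NOT_ACCEPTED");
        if (!whitelisted[token] && !counted[token]) {
            // The limit check: each new non-whitelisted token takes one slot.
            require(slotsUsed < TOKEN_ADDRESS_LIMIT, "TOKEN_LIMIT_REACHED");
            counted[token] = true;
            slotsUsed += 1;
        }
        require(IERC20Like(token).transferFrom(msg.sender, address(this), amount), "TRANSFER_FAILED");
    }
}

// Behaviour the report describes: any token is accepted, so whoever funds first with
// TOKEN_ADDRESS_LIMIT distinct tokens uses up every slot.
contract OpenFundingBounty is BountySketch {
    constructor(address[] memory whitelist) BountySketch(whitelist) {}
    function _accepted(address) internal pure override returns (bool) { return true; }
}

// Recommendation: the issuer fixes the accepted tokens at creation, so slots can only be
// taken by tokens the issuer chose.
contract IssuerListBounty is BountySketch {
    mapping(address => bool) public issuerAllowed;
    constructor(address[] memory whitelist, address[] memory allowed) BountySketch(whitelist) {
        require(allowed.length <= TOKEN_ADDRESS_LIMIT, "LIST_TOO_LONG");
        for (uint256 i = 0; i < allowed.length; i++) issuerAllowed[allowed[i]] = true;
    }
    function _accepted(address token) internal view override returns (bool) {
        return whitelisted[token] || issuerAllowed[token];
    }
}
```

In `IssuerListBounty` a deposit of an unlisted token reverts before it can take a slot, so the count can only grow through tokens the issuer named.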