SETFEE() SHOULD BE TIMELOCKED #17
Labels
- 2 (Med Risk): Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
- bug: Something isn't working
- duplicate: This issue or pull request already exists
Lines of code
https://github.com/code-423n4/2022-06-putty/blob/3b6b844bc39e897bd0bbb69897f2deff12dc3893/contracts/src/PuttyV2.sol#L240
Vulnerability details
Impact
Currently, the implementation of PuttyV2.setFee() allows the fee to be changed at any time, although the function emits the respective event and enforces a maximum value. Because the owner() of this contract can be any address (multisig, EOA, DAO multisig, etc.), there is no insight into how or when the fees are going to be changed.
Proof of Concept
Sticking to the contract code itself, the fee can be changed freely within the given range. This means that, for instance, a malicious owner can monitor the mempool, front-run other benign users, and increase the fee up to 3% whenever he wants, which amounts to a sort of fraud. To make the attack more intricate, the owner can also back-run the transaction and set the fee back to what it was before.
Recommended Mitigation Steps
To prevent this, timelocking the setFee function will provide trust and predictability about how the protocol will work.
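One way to implement the recommended timelock, as an added example that is not PuttyV2's own code: the fee change is announced first and can only be applied after a fixed delay, so users see the new value on-chain before it takes effect. The contract name, queueFee/executeFee/cancelFee, the FeeQueued and FeeCancelled events, the two-day FEE_DELAY and the MAX_FEE encoding of the 3% cap are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

/// Added illustration of a two-step, timelocked fee setter. Not PuttyV2 code.
/// MAX_FEE, FEE_DELAY and all function and event names here are assumptions.
contract TimelockedFee {
    uint256 public constant MAX_FEE = 30;       // assumed: 30 = 3%, in tenths of a percent
    uint256 public constant FEE_DELAY = 2 days; // assumed notice period

    address public immutable owner;
    uint256 public fee;           // fee currently charged
    uint256 public pendingFee;    // fee announced but not yet active
    uint256 public pendingFeeEta; // earliest activation time; 0 means nothing queued

    event FeeQueued(uint256 fee, uint256 eta);
    event FeeCancelled(uint256 fee);
    event NewFee(uint256 fee);

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    constructor() {
        owner = msg.sender;
    }

    /// Step 1: announce the new fee. Re-queueing restarts the delay.
    function queueFee(uint256 _fee) external onlyOwner {
        require(_fee <= MAX_FEE, "fee above cap");
        pendingFee = _fee;
        pendingFeeEta = block.timestamp + FEE_DELAY;
        emit FeeQueued(_fee, pendingFeeEta);
    }

    /// Step 2: apply the announced fee, only after the delay has elapsed.
    function executeFee() external onlyOwner {
        require(pendingFeeEta != 0, "nothing queued");
        require(block.timestamp >= pendingFeeEta, "timelock active");
        fee = pendingFee;
        delete pendingFee;
        delete pendingFeeEta;
        emit NewFee(fee);
    }

    /// Withdraw an announced change before it takes effect.
    function cancelFee() external onlyOwner {
        require(pendingFeeEta != 0, "nothing queued");
        emit FeeCancelled(pendingFee);
        delete pendingFee;
        delete pendingFeeEta;
    }
}
```

Because the fee can no longer change in the same block as a user's transaction, the front-run and back-run sequence described in the Proof of Concept is not possible within the delay window; monitoring FeeQueued events gives users and integrators the notice period.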