Mint/Redeem Hook setting can be frontrun #9
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
duplicate-93
satisfactory
satisfies C4 submission criteria; eligible for awards
Lines of code
https://github.com/prepo-io/prepo-monorepo/blob/feat/2022-12-prepo/apps/smart-contracts/core/contracts/PrePOMarket.sol#L109-L117
Vulnerability details
Impact
Mint/Redeem Hooks are not set in the constructor, but with a separate transaction. If the owner wants to add a mint/redeem hook that requires
msg.sender validation, an adversary can back run the market-creation/front-run the hook-setting transaction to allow them to mint/redeem where there normally would be rejected due to some action or requirement being implemented in the mint-hook
Proof of Concept
Tools Used
Recommended Mitigation Steps
Include IMarketHook parameters for _mintHook and _redeemHook in the constructor so that all mints are required to obey hook rules from the start. The address can be zero if the owner chooses not to include a hook but should have the option to.
The text was updated successfully, but these errors were encountered: