GovNFT: maxBridge has no effect #334
Comments
GalloDaSballo changed the severity to QA (Quality Assurance)
I disagree with the severity downgrade.
GainsGoblin requested judge review
@GainsGoblin Thank you for flagging. I have checked the LayerZero Library and it seems like it will not revert when relaying a tx that is too expensive. For this reason I agree with you and will raise Severity to Medium. The Warden has shown how an unused variable, which was meant to cap the amount of tokens bridged per call, could cause a DOS. These types of DOS could only be fixed via Governance Operations, and could create further issues; for this reason I agree with Medium Severity.
Reverted back to M and set as Primary issue as requested by @GalloDaSballo
GalloDaSballo marked the issue as selected for report
Mitigation: code-423n4/2022-12-tigris#2 (comment)
GainsGoblin marked the issue as sponsor confirmed
Lines of code
https://github.com/code-423n4/2022-12-tigris/blob/496e1974ee3838be8759e7b4096dbee1b8795593/contracts/GovNFT.sol#L19-L20
Vulnerability details
Impact
In GovNFT, the setMaxBridge function is provided to set maxBridge, but this variable is not used. Literally, it should be used to limit the number of GovNFTs crossing chains, but it doesn't work in GovNFT.
Proof of Concept
https://github.com/code-423n4/2022-12-tigris/blob/496e1974ee3838be8759e7b4096dbee1b8795593/contracts/GovNFT.sol#L19-L20
https://github.com/code-423n4/2022-12-tigris/blob/496e1974ee3838be8759e7b4096dbee1b8795593/contracts/GovNFT.sol#L311-L313
Tools Used
None
Recommended Mitigation Steps
Consider applying the maxBridge variable
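A minimal sketch of the recommended mitigation, added here as an illustration and not taken from the GovNFT source. The contract name, the two `crossChain*` functions, the event, the default value and the error strings are assumptions; only `maxBridge` and `setMaxBridge` come from the report, and the real bridging logic is replaced by an event.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical, simplified stand-in for a bridgeable NFT contract.
// Not the GovNFT source: the bridge send is replaced by an event.
contract BridgeCapExample {
    address public owner;

    // Constructed default: maximum number of token ids per bridge call.
    uint256 public maxBridge = 20;

    event BridgeRequested(uint16 dstChainId, address to, uint256[] tokenIds);

    constructor() {
        owner = msg.sender;
    }

    // The setter exists in both variants; on its own it changes nothing.
    function setMaxBridge(uint256 _max) external {
        require(msg.sender == owner, "NotOwner");
        maxBridge = _max;
    }

    // Before: maxBridge is stored and settable but never read, so the batch
    // size of a single cross-chain call is unbounded.
    function crossChainUncapped(
        uint16 dstChainId,
        address to,
        uint256[] calldata tokenIds
    ) external {
        require(tokenIds.length > 0, "NotBridging");
        emit BridgeRequested(dstChainId, to, tokenIds);
    }

    // After: the batch size is checked against maxBridge before anything
    // is handed to the bridge, so an oversized batch reverts on the source chain.
    function crossChainCapped(
        uint16 dstChainId,
        address to,
        uint256[] calldata tokenIds
    ) external {
        require(tokenIds.length > 0, "NotBridging");
        require(tokenIds.length <= maxBridge, "OverMaxBridge");
        emit BridgeRequested(dstChainId, to, tokenIds);
    }
}
```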