This repository has been archived by the owner on Jan 26, 2023. It is now read-only.

Able to steal funds #5

Closed
NickErrant opened this issue Nov 10, 2017 · 4 comments

Comments

@NickErrant

When a bounty is denominated in ether, the only validation on the amount field when a bounty is created is:

    require(_amount >= msg.value);

An attacker could post a bounty where _amount is greater than msg.value but lower than the balance of the contract, then claim/approve said bounty for themselves. This would effectively steal the difference, _amount - msg.value.

Suggested fix:
When a bounty is denominated in ether, set the amount for that bounty equal to msg.value.
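As an added illustration of the report above (this is not the project's contract; the contract, struct and function names are assumptions), a minimal Solidity escrow showing the issuance check exactly as reported beside the suggested fix of recording msg.value as the bounty amount:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical, simplified bounty escrow written for this issue thread.
// It models only the ether-denominated path discussed above.
contract BountyEscrowExample {
    struct Bounty {
        address issuer;  // who created the bounty and may approve payout
        uint256 amount;  // ether promised to the fulfiller
        bool paid;
    }

    Bounty[] public bounties;

    // Vulnerable pattern from the report: _amount is only bounded from
    // below by msg.value, so the issuer may record a larger amount than
    // the ether actually deposited.
    function issueBountyVulnerable(uint256 _amount)
        external
        payable
        returns (uint256 bountyId)
    {
        require(_amount >= msg.value, "amount below deposit");
        bounties.push(Bounty({issuer: msg.sender, amount: _amount, paid: false}));
        return bounties.length - 1;
    }

    // Suggested fix: for ether-denominated bounties the stored amount is
    // the ether received, so no caller-supplied figure is trusted at all.
    function issueBountyFixed() external payable returns (uint256 bountyId) {
        require(msg.value > 0, "no deposit");
        bounties.push(Bounty({issuer: msg.sender, amount: msg.value, paid: false}));
        return bounties.length - 1;
    }

    // Issuer approves payout of the recorded amount to a fulfiller.
    // With a bounty created via issueBountyVulnerable, `amount` can exceed
    // that issuer's own deposit; the shortfall is paid from ether other
    // issuers escrowed in this contract, which is the loss described above.
    function payout(uint256 _bountyId, address payable _fulfiller) external {
        Bounty storage b = bounties[_bountyId];
        require(msg.sender == b.issuer, "only issuer");
        require(!b.paid, "already paid");
        b.paid = true; // effects before interaction
        (bool ok, ) = _fulfiller.call{value: b.amount}("");
        require(ok, "transfer failed");
    }

    // Defender-side sanity check: with only the fixed issuer in use, the
    // contract balance always covers every unpaid bounty. A test suite can
    // assert this after each transaction to catch an over-recorded amount.
    function isSolvent() external view returns (bool) {
        uint256 owed = 0;
        for (uint256 i = 0; i < bounties.length; i++) {
            if (!bounties[i].paid) {
                owed += bounties[i].amount;
            }
        }
        return address(this).balance >= owed;
    }
}
```

The point of contrast is that the fixed issuer has no amount parameter at all: the bounty's value is whatever ether arrived with the transaction, so there is nothing for a caller to overstate. In a unit test one would assert that `bounties(id).amount` equals the value sent to `issueBountyFixed` and that `isSolvent()` stays true after every issuance and payout.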

@owocki
Contributor

owocki commented Nov 11, 2017

f33510f

@owocki
Contributor

owocki commented Nov 11, 2017

migrating contract now.

@owocki
Contributor

owocki commented Nov 11, 2017

just sent you a tip for submitting this. thanks @NickErrant !

@NickErrant
Author

Received bounty payment :)

@owocki owocki closed this as completed Dec 20, 2017