Audit Anomalies Archive — Issue#3
External functions in smart contracts enable users to input specific values. Let’s illustrate this with examples: In a Vault, actions like depositing or withdrawing. Similarly, in an ERC20 contract, functions such as transfer, transferFrom, and approve also involve passing inputs. Each of these functions comes with safeguards, often implemented by OpenZeppelin. So, if an unexpected input is provided, the function call reverts. For example, an user attempting to withdraw more than what has been deposited triggers this protection.
Time for an Example
However, what if a developer creating a new function overlooks input validation? This oversight could lead to users inputting arbitrary values that could disrupt the system. Let’s understand this through a common scenario: Imagine a developer allowing users to input an address, which the contract then uses for a delegatecall. The developer assumes the provided address is always valid, but a malicious user might input a malicious contract address and exploit to steal funds.
The Issue
function getPlatformFee(uint256 _amount, bool _isNative, uint256 decimals)
internal returns (uint256) {
uint256 decimal_amount = _amount / 10 ** decimals;
if (decimal_amount >= fee_limit) {
//pay the fee logic
}
}I alongside devScrooge encountered a way users could bypass the platform fee in a private audit. In this case, users are obliged to pay a fee if the amount exceeds a predefined limit. Unfortunately, a function named getPlatformFee directly takes decimal inputs from users. This vulnerability enables a malicious user to provide an inflated value, causing the condition decimal_amount >= fee_limit to yield false results, thus evading the fee payment.
The Fix
The developer could utilize the token’s contract address to retrieve its decimal value, eliminating the need for users to input the value manually.
The crucial lesson here for smart contract developers is to thoughtfully assess whether user inputs are genuinely necessary or it is feasible fetching values through alternative methods which are secure. Instances where user input is unavoidable, thorough unit testing becomes essential to prevent disruptions to the system.
For a practical demonstration of this issue via Foundry, you can find more details in this link.
Read the Audit Report here.
Thank For Reading.
