diff --git a/submissions/description/decentralized_application_misconfiguration/marketplace_security/Improper_Validation_and_Checks_For_Deposits_and_Withdrawals/guidance.md b/submissions/description/decentralized_application_misconfiguration/marketplace_security/Improper_Validation_and_Checks_For_Deposits_and_Withdrawals/guidance.md deleted file mode 100644 index ee88d9d2..00000000 --- a/submissions/description/decentralized_application_misconfiguration/marketplace_security/Improper_Validation_and_Checks_For_Deposits_and_Withdrawals/guidance.md +++ /dev/null @@ -1,5 +0,0 @@ -# Guidance - -Provide a step-by-step walkthrough with a screenshot on how you exploited the vulnerability. This will speed up triage time and result in faster rewards. Please include specific details on where you identified the vulnerability, how you identified it, and what actions you were able to perform as a result. - -Attempt to escalate the vulnerability to perform additional actions. If this is possible, provide a full Proof of Concept (PoC). diff --git a/submissions/description/decentralized_application_misconfiguration/marketplace_security/Improper_Validation_and_Checks_For_Deposits_and_Withdrawals/recommendations.md b/submissions/description/decentralized_application_misconfiguration/marketplace_security/Improper_Validation_and_Checks_For_Deposits_and_Withdrawals/recommendations.md deleted file mode 100644 index 4498324d..00000000 --- a/submissions/description/decentralized_application_misconfiguration/marketplace_security/Improper_Validation_and_Checks_For_Deposits_and_Withdrawals/recommendations.md +++ /dev/null 
@@ -1,8 +0,0 @@ -# Recommendation(s) - -Implementing the following defensive measures in the decentralized application can prevent and limit the impact of the vulnerability: - -- Implement strict validation mechanisms for deposits and withdrawals, ensuring that transactions are fully confirmed before allowing withdrawals. -- Use decentralized oracles to verify external wallet balances and ensure synchronization with the marketplace. -- Regularly audit the deposit and withdrawal logic for potential vulnerabilities. -- Introduce rate limits and monitoring to prevent multiple withdrawal attempts in a short period. diff --git a/submissions/description/decentralized_application_misconfiguration/marketplace_security/Improper_Validation_and_Checks_For_Deposits_and_Withdrawals/template.md b/submissions/description/decentralized_application_misconfiguration/marketplace_security/Improper_Validation_and_Checks_For_Deposits_and_Withdrawals/template.md deleted file mode 100644 index 5a04dffc..00000000 --- a/submissions/description/decentralized_application_misconfiguration/marketplace_security/Improper_Validation_and_Checks_For_Deposits_and_Withdrawals/template.md +++ /dev/null 
@@ -1,19 +0,0 @@ -Improper validation and checks for deposits and withdrawals occur when the marketplace fails to adequately verify user deposits or withdrawals, leading to potential double-spending, unauthorized transactions, or incorrect balances. This misconfiguration is caused by poor validation logic or synchronization issues between the marketplace and external wallets. - -**Business Impact** - -Incorrect validation can lead to financial discrepancies, enabling attackers to withdraw funds without proper deposits or double-spend assets. It may also cause user dissatisfaction due to incorrect balances, damaging the platform’s reputation and leading to potential legal disputes. - -**Steps to Reproduce** - -1. Navigate to the following URL: {{URL}} -1. Deposit funds into a marketplace account -1. Identify and exploit any inconsistencies in the validation or synchronization logic between the marketplace and the external wallet -1. Trigger a withdrawal request that exceeds the deposited amount or simulate multiple withdrawals in quick succession -1. Observe that the account balances to verify that unauthorized or excess withdrawals were successful - -**Proof of Concept** - -The screenshot(s) below demonstrate(s) the vulnerability: -> -> {{screenshot}}
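Review bot: the guidance.md hunk (`@@ -1,5 +0,0 @@`) removes the whole file, and nothing in the visible diff adds a file in its place or says why the directory is going away. If Improper_Validation_and_Checks_For_Deposits_and_Withdrawals is being renamed or merged into another marketplace_security entry, include the destination files in the same change. If the category is being retired, say so in the commit message, and check that nothing else still references this path.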
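Review bot: the recommendations.md hunk (`@@ -1,8 +0,0 @@`) drops all four remediation bullets with no successor visible in this diff. If another entry is meant to absorb this category, carry over at least "ensuring that transactions are fully confirmed before allowing withdrawals" and the rate-limit bullet, since they answer the excess-withdrawal and quick-succession cases in the deleted template.md. The oracle bullet is vague as written ("verify external wallet balances and ensure synchronization"), so if it is kept it should say which balance is compared against which.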
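Review bot: in the template.md hunk (`@@ -1,19 +0,0 @@`), step 5 of Steps to Reproduce reads "Observe that the account balances to verify that unauthorized or excess withdrawals were successful", which is ungrammatical. If this text is being moved rather than dropped, fix it at the destination to "Observe the account balances to verify that ...". Step 3 ("Identify and exploit any inconsistencies ...") is also not a reproducible step as written; a relocated template should ask the reporter to name the specific inconsistency they found.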