Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Insufficient input validation may lead to loss of funds due to invalid or malicious input data. #9

Closed
howlbot-integration bot opened this issue Nov 4, 2024 · 3 comments
Closed

Insufficient input validation may lead to loss of funds due to invalid or malicious input data. #9

howlbot-integration bot opened this issue Nov 4, 2024 · 3 comments
Labels
2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working primary issue Highest quality submission among a set of duplicates 🤖_00_group AI based duplicate group recommendation sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality unsatisfactory does not satisfy C4 submission criteria; not eligible for awards

Comments

@howlbot-integration
Copy link

Lines of code

https://github.com/ronin-chain/katana-operation-contracts/blob/27f9d28e00958bf3494fa405a8a5acdcd5ecdc5d/src/aggregate-router/base/Dispatcher.sol#L50

Vulnerability details

Proof of Concept

Insufficient Input Validation: The contract relies on user-supplied data but does not adequately validate these inputs, such as recipient or amount. Malicious or erroneous inputs could result in unintended transactions or loss of funds.

Proof of Concept: If a user provides a 0x0 recipient address, funds could be sent to an invalid address, effectively burning them. Another example would be overly high values for slippage in swap functions (amountOutMin).
User calls dispatch with recipient set to 0x0.
Funds are transferred to a zero address, making them unrecoverable.

Impact: Loss of funds due to invalid or malicious input data.

Recommended Mitigation Steps

  1. Validate recipient addresses and ensure they are not set to 0x0.
  2. Set upper/lower bounds for amounts, slippage tolerances, and other sensitive parameters.
  3. Implement sanity checks for other inputs to ensure they are within acceptable ranges.

Example:In Solidity, failing to validate addresses has led to several incidents of funds being sent to 0x0.

Assessed type

Invalid Validation
@howlbot-integration howlbot-integration bot added 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value 🤖_00_group AI based duplicate group recommendation bug Something isn't working primary issue Highest quality submission among a set of duplicates sufficient quality report This report is of sufficient quality labels Nov 4, 2024
howlbot-integration bot added a commit that referenced this issue Nov 4, 2024
@howlbot-integration
DCENT09 issue #9
b4b0e67
@khangvv
Copy link

khangvv commented Nov 4, 2024

Transfers to the zero address are a user preference; users should be free to transfer to any address they choose. If this is a suggestion for best practices (maybe in the QA report?), I still respectfully disagree. As Katana is a DEX intended to work with standard ERC20 tokens, the logic for allowing or prohibiting transfers to the zero address should be managed by the token contract itself.

@khangvv khangvv added the sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue label Nov 4, 2024
@khangvv khangvv mentioned this issue Nov 5, 2024
Closed
@alex-ppg
Copy link

The Warden outlines that insufficient input validation is applied on dispatch interactions, however, they are meant to be permissionless and no input sanitization is meant to be applied to them given that the Ronin AMM is a DEX implementation.

@c4-judge
Copy link

alex-ppg marked the issue as unsatisfactory:
Invalid

@c4-judge c4-judge added the unsatisfactory does not satisfy C4 submission criteria; not eligible for awards label Nov 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working primary issue Highest quality submission among a set of duplicates 🤖_00_group AI based duplicate group recommendation sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality unsatisfactory does not satisfy C4 submission criteria; not eligible for awards
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@alex-ppg @c4-judge @khangvv