claimer can not be set to address zero as it's stated in code comments #36
Labels
bug: Something isn't working
downgraded by judge: Judge downgraded the risk level of this issue
grade-c
insufficient quality report: This report is not of sufficient quality
primary issue: Highest quality submission among a set of duplicates
QA (Quality Assurance): Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
unsatisfactory: does not satisfy C4 submission criteria; not eligible for awards
Lines of code
https://github.com/code-423n4/2024-03-pooltogether/blob/main/pt-v5-vault/src/PrizeVaultFactory.sol#L80
https://github.com/code-423n4/2024-03-pooltogether/blob/main/pt-v5-vault/src/PrizeVault.sol#L299
https://github.com/code-423n4/2024-03-pooltogether/blob/main/pt-v5-vault/src/abstract/Claimable.sol#L67
Vulnerability details
Impact
claimer can not be set to address zero if none is available yet as it's stated in code comments.
Proof of Concept
When we deploy a new PrizeVault there is a comment section above the deploy func:
However it is not possible as there is a check in the Claimable contract.
Vault Factory deployment goes to the Vault constructor:
where it forwards the variables to the Claimable contract to initiate it:
And _setClaimer() checks for address(0) and reverts the tx in that case.
Tools Used
Manual review
Recommended Mitigation Steps
If it is supposed to be allowed to be set as the zero address initially, consider setting it directly in the constructor and making _setClaimer() public to let a user or admin set the claimer later.
Assessed type
Context
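
A minimal Solidity sketch of the pattern this report describes, added here as an example; it is not the PoolTogether source or the reporter's code. The contract names, custom errors, and the owner-gated setClaimer() are hypothetical assumptions used to show the reverting constructor next to a variant that permits a zero claimer at deployment.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

// Hypothetical model of the reported pattern; names are assumptions.
error ClaimerZeroAddress();
error NotOwner();

/// Reported behaviour: the constructor routes through the validating setter,
/// so any deployment with claimer_ == address(0) reverts.
abstract contract ClaimableStrict {
    address public claimer;

    constructor(address claimer_) {
        _setClaimer(claimer_);
    }

    function _setClaimer(address claimer_) internal {
        if (claimer_ == address(0)) revert ClaimerZeroAddress();
        claimer = claimer_;
    }
}

/// Variant: the constructor assigns directly, so the zero address is accepted
/// at deployment. Later updates stay validated and are gated to the owner.
abstract contract ClaimableDeferred {
    address public claimer;
    address public immutable owner;

    constructor(address claimer_, address owner_) {
        claimer = claimer_; // may be address(0) until a claimer exists
        owner = owner_;
    }

    function setClaimer(address claimer_) external {
        if (msg.sender != owner) revert NotOwner();
        if (claimer_ == address(0)) revert ClaimerZeroAddress();
        claimer = claimer_;
    }
}

// Deploying StrictVault(address(0)) reverts with ClaimerZeroAddress.
contract StrictVault is ClaimableStrict {
    constructor(address claimer_) ClaimableStrict(claimer_) {}
}

// Deploying DeferredVault(address(0)) succeeds; the deployer sets a claimer later.
contract DeferredVault is ClaimableDeferred {
    constructor(address claimer_) ClaimableDeferred(claimer_, msg.sender) {}
}
```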