Skip to content

Latest commit

 

History

History
44 lines (22 loc) · 1.3 KB

File metadata and controls

44 lines (22 loc) · 1.3 KB

Quick Holographic Canary

Medium

Blocked profiles can still create markets

Summary

The function createMarketWithConfigAdmin in ReputationMarket.sol is missing a check for blocked accounts (!creationAllowedProfileIds[senderProfileId]), which can be exploited to create a market even when the profile ID is blocked from doing so.

Root Cause

ReputationMarket::createMarketWithConfigAdmin should revert if the user's profile is blacklisted from creating a market.

Internal pre-conditions

  1. The admin needs to call ReputationMarket::createMarketWithConfigAdmin, as this function is restricted to admin-level access.

External pre-conditions

No response

Attack Path

  1. The user's profile is blocked from creating a market.
  2. The admin is unaware that the createMarketWithConfigAdmin function is missing checks for blocked accounts.
  3. The admin calls createMarketWithConfigAdmin with a blocked profile ID.
  4. The market is created despite the user being blocked from creating a market.

Impact

Profiles blocked from creating markets can still bypass restrictions and create a market.

PoC

No response

Mitigation

No response