Limited availability of balance_of(...)
method
#50
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Warden finding
edited-by-warden
M-01
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
sufficient quality report
This report is of sufficient quality
Lines of code
https://github.com/code-423n4/2024-03-phala-network/blob/a01ffbe992560d8d0f17deadfb9b9a2bed38377e/phala-blockchain/crates/pink/runtime/src/runtime/extension.rs#L270
Vulnerability details
Impact
According to the documentation (online and in-line), the availability of the balance_of(...) method (see code below) should be any contract instead of system only which is caused by the present
ensure_system
check.The ensure_system(...) method returns a
BadOrigin
error in case the caller/origin is not the system contract.Consequence:
The availability of the balance_of(...) method is limited to the system contract instead of being accessible to anyone. Therefore, user contracts relying on this method will inevitably fail.
For comparison:
The
import_latest_system_code(...)
method has consistent system only availability according to the implementation and documentation.Proof of Concept
Please add the test case below to
phala-blockchain/crates/pink/runtime/tests/test_pink_contract.rs
and run it withcargo test test_balance_of -- --nocapture
.The test will fail with a BadOrigin error as discussed above.
Tools Used
Manual review
Recommended Mitigation Steps
Remove the
ensure_system
check from the balance_of(...) method to ensure availability for any contract.Assessed type
Invalid Validation
The text was updated successfully, but these errors were encountered: