chaduke
medium
validateCommitment() fails to invalidate the case of _commitment.collateralTokenType == CommitmentCollateralType.NONE
validateCommitment() fails to invalidate the case of _commitment.collateralTokenType == CommitmentCollateralType.NONE.
The validateCommitment() function allows a user to validate the correctness of a commitment, including expiration, maxPrincipal, etc.
However, the case of commitment.collateralTokenType == CommitmentCollateralType.NONE will bypass the check since the function only performs some checks when commitment.collateralTokenType != CommitmentCollateralType.NONE:
if (_commitment.collateralTokenType != CommitmentCollateralType.NONE) {
require(
_commitment.maxPrincipalPerCollateralAmount > 0,
"commitment collateral ratio 0"
);
if (
_commitment.collateralTokenType ==
CommitmentCollateralType.ERC20
) {
require(
_commitment.collateralTokenId == 0,
"commitment collateral token id must be 0 for ERC20"
);
}
}As a result, when commitment.collateralTokenType == CommitmentCollateralType.NONE, the commitment will be validated as correct even though it is not.
validateCommitment() fails to invalidate the case of _commitment.collateralTokenType == CommitmentCollateralType.NONE.
see above
VSCode
Manual Review
Make sure to check commitment.collateralTokenType != CommitmentCollateralType.NONE.
function validateCommitment(Commitment storage _commitment) internal {
require(
_commitment.expiration > uint32(block.timestamp),
"expired commitment"
);
require(
_commitment.maxPrincipal > 0,
"commitment principal allocation 0"
);
+ if (_commitment.collateralTokenType != CommitmentCollateralType.NONE)
+ revert InvalidCommitmentCollateralType();
- if (_commitment.collateralTokenType != CommitmentCollateralType.NONE) {
require(
_commitment.maxPrincipalPerCollateralAmount > 0,
"commitment collateral ratio 0"
);
if (
_commitment.collateralTokenType ==
CommitmentCollateralType.ERC20
) {
require(
_commitment.collateralTokenId == 0,
"commitment collateral token id must be 0 for ERC20"
);
}
- }
}