Unprotected call to a function sending Ether to an arbitrary address.

[c4-submissions]

Lines of code

https://github.com/code-423n4/2023-10-nextgen/blob/8b518196629faa37eae39736837b24926fd3c07c/smart-contracts/MinterContract.sol#L461
https://github.com/code-423n4/2023-10-nextgen/blob/8b518196629faa37eae39736837b24926fd3c07c/smart-contracts/MinterContract.sol#L437

Vulnerability details

Impact

If the admin address is controlled by a malicious party, they could drain the entire balance of the contract, which might not be the intended behavior.

Proof of Concept

function emergencyWithdraw() public FunctionAdminRequired(this.emergencyWithdraw.selector) {
    uint balance = address(this).balance;
    address admin = adminsContract.owner();
    (bool success, ) = payable(admin).call{value: balance}("");
    emit Withdraw(msg.sender, success, balance);
}

       (bool success4, ) = payable(tm1).call{value: teamRoyalties1}("");
        (bool success5, ) = payable(tm2).call{value: teamRoyalties2}("");

Tools Used

Manual Review

Recommended Mitigation Steps

Ensure that an arbitrary user cannot withdraw unauthorized fund, by adding additional checks and controls..

Assessed type

Reentrancy

[c4-pre-sort]

141345 marked the issue as duplicate of #478

[c4-judge]

alex-ppg marked the issue as not a duplicate

[alex-ppg]

The Warden highlights potential areas of untrusted native fund disbursements, however, they fail to pinpoint why these fund disbursements may misbehave.

[c4-judge]

alex-ppg marked the issue as unsatisfactory:
Insufficient proof

[alex-ppg]

As the Warden has submitted multiple invalid findings, I will group any other invalid findings here without providing additional rationale in compliance with the relevant SC verdict.

[c4-judge]

alex-ppg marked the issue as primary issue