OxTushar - Griefing Attack Through Fake Orders and Lack of Ownership Validation in Buy Orders #1018
Comments
sherlock-admin3
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
OxTushar
Medium
Griefing Attack Through Fake Orders and Lack of Ownership Validation in Buy Orders
Summary
The
DebitaBorrowOffer-Factory.solallows attackers to create fake orders with arbitrary token addresses, including those that may not exist. Additionally, there are no checks to ensure that a buy order for the same NFT is created by the same owner. This opens the system to abuse, griefing, and operational inefficiencies.https://github.com/sherlock-audit/2024-11-debita-finance-v3/blob/main/Debita-V3-Contracts/contracts/DebitaBorrowOffer-Factory.sol#L75
https://github.com/sherlock-audit/2024-11-debita-finance-v3/blob/main/Debita-V3-Contracts/contracts/DebitaBorrowOffer-Implementation.sol#L82
Root Cause
There is no check in the borrow order contracts to verify if the collateral is a vaild collateral or not This allows attackers to create orders with invalid or non-existent token addresses.
Multiple buy orders can be created for the same NFT without validating if the buyer already has a claim or right to it.
Internal pre-conditions
No response
External pre-conditions
No response
Attack Path
No response
Impact
Attackers can create multiple fake orders with non-existent tokens, bloating the system and creating confusion.
These orders waste storage and computational resources, affecting legitimate users.
Multiple buy orders for the same NFT can lead to collisions or overwrites, making the auctioning process unreliable.
The attacker can fill the system with orders that will never resolve, effectively locking out legitimate users from efficiently participating.
PoC
No response
Mitigation
No response
The text was updated successfully, but these errors were encountered: