Function _createMarket is not payable and it use msg.value

Summary

The function _createMarket() is not payable function. In the function, it use msg.value to compare with initialLiquidityRequired.

Root Cause

https://github.com/sherlock-audit/2024-11-ethos-network-ii/blob/main/ethos/packages/contracts/contracts/ReputationMarket.sol#L315-L350

The function is not a payable function, the usage of msg.value is not allowed in the function. And also the comparision between msg.value and initialLiquidtyRequired is meaningless. The function will not work as expected due to this issue. To fix it, better claim a variable to bring msg.value from the function which called funtion _createMarket to function _createMarket.

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

No response

PoC

No response

Mitigation

No response

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

046.md

046.md

Function _createMarket is not payable and it use msg.value

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation

Files

046.md

Latest commit

History

046.md

File metadata and controls

Function _createMarket is not payable and it use msg.value

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation