ReputationMarket does not implement `targetExistsAndAllowedForId()` function

Summary

Ethos contracts should implement the targetExistsAndAllowedForId() function to check if an id exists for a contract. However, this function is not implemented in ReputationMarket.sol, which results in users being unable to add a reply or vote for a ReputationMarket entity.

Root Cause

In the EthosDiscussion::addReply() and EthosVote::voteFor() functions, ITargetStatus(targetContract).targetExistsAndAllowedForId(targetId) is always checked. Since ReputationMarket doesn't implement this function, users cannot add a reply or vote for a ReputationMarket entity.

Internal pre-conditions

None.

External pre-conditions

None.

Attack Path

A user calls EthosVote::voteFor() or EthosDiscussion::addReply() to add a reply or vote for a ReputationMarket entity, but the call reverts as ReputationMarket.sol does not implement targetExistsAndAllowedForId() function.

Impact

Users cannot add a reply or vote for a ReputationMarket.

PoC

No response

Mitigation

Implement the targetExistsAndAllowedForId() function for ReputationMarket.sol.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

078.md

078.md

ReputationMarket does not implement `targetExistsAndAllowedForId()` function

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation

Files

078.md

Latest commit

History

078.md

File metadata and controls

ReputationMarket does not implement targetExistsAndAllowedForId() function

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation

ReputationMarket does not implement `targetExistsAndAllowedForId()` function