Submitted by (4) vlad_bochok, also found by indijanc, Lambda, and wastewa
https://code4rena.com/reports/2022-08-rigor/#h-05-add-members-to-the-not-yet-created-communityarrow-up-right
Anyone can add himself as a member of community for any future community. This can be done due to a combination of facts:
Non initialized address storage values are defaulted to address(0)
address(0)
addMember doesn't check if community is already created
addMember
checkSignatureValidity doesn't check for address(0)
checkSignatureValidity
checkSignatureValidity/recoverKey should revert the call if an address == 0.
recoverKey
address == 0
addMember should have a require(_communityId <= communityCount)
require(_communityId <= communityCount)
Last updated 2 years ago