Tall Cloud Tuna
Medium
Unrestricted payment fee setting allows setting low fees and enabling potential spam and storage bloat attacks
The setReviewPrice() function allows the contract owner to set the review fee (price) to any arbitrary amount without restrictions, including very low or near-zero values. If the fee is set too low, it can make the contract vulnerable to spam attacks and storage bloat from malicious users who could submit numerous reviews or repeatedly call addReview() without incurring meaningful costs.. https://github.com/sherlock-audit/2024-10-ethos-network/blob/main/ethos/packages/contracts/contracts/EthosReview.sol#L437-L443
The setReviewPrice() function allows the owner to configure the review price (price) without any minimum or maximum constraints, making it possible to set a very low fee for adding reviews.
The EthosReview contract has an owner account with the ability to configure fees for submitting reviews using setReviewPrice().
An attacker has access to the contract and can afford minimal fees (if set low by the owner) to create multiple reviews or submit large data payloads repeatedly.
An attacker exploits low fee by calling addReview() multiple times, spamming the contract with reviews. Each call incurs minimal cost, making it easy to overwhelm the contract with reviews.
- Cumulative storage requirements increase significantly, leading to increased gas costs for each interaction.
- Legitimate users face higher costs and degraded user experience due to storage bloat and spam.
No response
Set Minimum and Maximum Fee Limits in setReviewPrice().
function setReviewPrice(bool allowed, address paymentToken, uint256 price) external onlyAdmin {
+ require(price >= MIN_PRICE && price <= MAX_PRICE, "Price out of bounds");
...
}