{"componentChunkName":"component---node-modules-rocketseat-gatsby-theme-docs-core-src-templates-docs-query-js","path":"/manual-review/PermissionBuilder-PBR","result":{"data":{"mdx":{"id":"31da52d6-3eb7-56eb-b335-d1f80478364a","excerpt":"PBR-01M: Removal of Important Security Check Type Severity Location Input Sanitization PermissionBuilder.sol:L160, L161, L166 Description: Theā€¦","fields":{"slug":"/manual-review/PermissionBuilder-PBR/"},"frontmatter":{"title":"PermissionBuilder Manual Review Findings","description":"Contains all the findings that relate to manual review on the contract codebase","image":null,"disableTableOfContents":null},"body":"var _excluded = [\"components\"];\n\nfunction _extends() { _extends = Object.assign || function (target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i]; for (var key in source) { if (Object.prototype.hasOwnProperty.call(source, key)) { target[key] = source[key]; } } } return target; }; return _extends.apply(this, arguments); }\n\nfunction _objectWithoutProperties(source, excluded) { if (source == null) return {}; var target = _objectWithoutPropertiesLoose(source, excluded); var key, i; if (Object.getOwnPropertySymbols) { var sourceSymbolKeys = Object.getOwnPropertySymbols(source); for (i = 0; i < sourceSymbolKeys.length; i++) { key = sourceSymbolKeys[i]; if (excluded.indexOf(key) >= 0) continue; if (!Object.prototype.propertyIsEnumerable.call(source, key)) continue; target[key] = source[key]; } } return target; }\n\nfunction _objectWithoutPropertiesLoose(source, excluded) { if (source == null) return {}; var target = {}; var sourceKeys = Object.keys(source); var key, i; for (i = 0; i < sourceKeys.length; i++) { key = sourceKeys[i]; if (excluded.indexOf(key) >= 0) continue; target[key] = source[key]; } return target; }\n\n/* @jsxRuntime classic */\n\n/* @jsx mdx */\nvar _frontmatter = {\n \"title\": \"PermissionBuilder Manual Review Findings\",\n \"description\": \"Contains all the findings that relate to manual review on the contract codebase\"\n};\nvar layoutProps = {\n _frontmatter: _frontmatter\n};\nvar MDXLayout = \"wrapper\";\nreturn function MDXContent(_ref) {\n var components = _ref.components,\n props = _objectWithoutProperties(_ref, _excluded);\n\n return mdx(MDXLayout, _extends({}, layoutProps, props, {\n components: components,\n mdxType: \"MDXLayout\"\n }), mdx(\"h2\", {\n \"id\": \"span-idpbr-01mpbr-01m-removal-of-important-security-checkspan\",\n \"style\": {\n \"position\": \"relative\"\n }\n }, mdx(\"a\", {\n parentName: \"h2\",\n \"href\": \"#span-idpbr-01mpbr-01m-removal-of-important-security-checkspan\",\n \"aria-label\": \"span idpbr 01mpbr 01m removal of important security checkspan permalink\",\n \"className\": \"anchor before\"\n }, mdx(\"svg\", {\n parentName: \"a\",\n \"aria-hidden\": \"true\",\n \"focusable\": \"false\",\n \"height\": \"16\",\n \"version\": \"1.1\",\n \"viewBox\": \"0 0 16 16\",\n \"width\": \"16\"\n }, mdx(\"path\", {\n parentName: \"svg\",\n \"fillRule\": \"evenodd\",\n \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n }))), mdx(\"span\", {\n id: \"PBR-01M\"\n }, \"PBR-01M: Removal of Important Security Check\")), mdx(\"table\", null, mdx(\"thead\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"thead\"\n }, mdx(\"th\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Type\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Severity\"), mdx(\"th\", {\n parentName: \"tr\",\n \"align\": null\n }, \"Location\"))), mdx(\"tbody\", {\n parentName: \"table\"\n }, mdx(\"tr\", {\n parentName: \"tbody\"\n }, mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, mdx(\"a\", {\n parentName: \"td\",\n \"href\": \"/reports/gnosis-guild-zodiac-pr206-651169c36eb7b900141f09fb/appendix/finding-types#input-sanitization\"\n }, \"Input Sanitization\")), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, mdx(\"img\", {\n parentName: \"td\",\n \"className\": \"o-severity o-medium\",\n \"src\": \"https://omniscia.io/report-assets/medium.png\"\n })), mdx(\"td\", {\n parentName: \"tr\",\n \"align\": null\n }, \"PermissionBuilder.sol:L160, L161, L166\")))), mdx(\"h3\", {\n \"id\": \"description\",\n \"style\": {\n \"position\": \"relative\"\n }\n }, mdx(\"a\", {\n parentName: \"h3\",\n \"href\": \"#description\",\n \"aria-label\": \"description permalink\",\n \"className\": \"anchor before\"\n }, mdx(\"svg\", {\n parentName: \"a\",\n \"aria-hidden\": \"true\",\n \"focusable\": \"false\",\n \"height\": \"16\",\n \"version\": \"1.1\",\n \"viewBox\": \"0 0 16 16\",\n \"width\": \"16\"\n }, mdx(\"path\", {\n parentName: \"svg\",\n \"fillRule\": \"evenodd\",\n \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n }))), \"Description:\"), mdx(\"p\", null, \"The \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"https://github.com/gnosis/zodiac-modifier-roles/blob/6a7fb909a1a5dc55d5cfbe759a624ce20c625f46/packages/evm/contracts/PermissionBuilder.sol#L158-L176\"\n }, mdx(\"inlineCode\", {\n parentName: \"a\"\n }, \"PermissionBuilder::setAllowance\")), \" function contained an \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"if-revert\"), \" check that ensured the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"balance\"), \" being established for the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"key\"), \" is less-than-or-equal-to the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"maxBalance\"), \" dynamically calculated within the function.\"), mdx(\"p\", null, \"This condition was removed and affects out-of-scope contract \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"AllowanceTracker\"), \" and specifically \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"AllowanceTracker::_accruedAllowance\"), \".\"), mdx(\"p\", null, \"The function will improperly reset the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"balance\"), \" of the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"key\"), \" to the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"maxBalance\"), \" whenever an interval elapses even if the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"balance\"), \" is significantly higher than the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"maxBalance\"), \", effectively reducing it.\"), mdx(\"h3\", {\n \"id\": \"impact\",\n \"style\": {\n \"position\": \"relative\"\n }\n }, mdx(\"a\", {\n parentName: \"h3\",\n \"href\": \"#impact\",\n \"aria-label\": \"impact permalink\",\n \"className\": \"anchor before\"\n }, mdx(\"svg\", {\n parentName: \"a\",\n \"aria-hidden\": \"true\",\n \"focusable\": \"false\",\n \"height\": \"16\",\n \"version\": \"1.1\",\n \"viewBox\": \"0 0 16 16\",\n \"width\": \"16\"\n }, mdx(\"path\", {\n parentName: \"svg\",\n \"fillRule\": \"evenodd\",\n \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n }))), \"Impact:\"), mdx(\"p\", null, \"An invoker of the \", mdx(\"a\", {\n parentName: \"p\",\n \"href\": \"https://github.com/gnosis/zodiac-modifier-roles/blob/6a7fb909a1a5dc55d5cfbe759a624ce20c625f46/packages/evm/contracts/PermissionBuilder.sol#L158-L176\"\n }, mdx(\"inlineCode\", {\n parentName: \"a\"\n }, \"PermissionBuilder::setAllowance\")), \" function would expect the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"balance\"), \" allowed to solely decrease when consumed rather than when updated which can cause significant misbehaviours into how users as well as protocols interact with the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"PermissionBuilder\"), \".\"), mdx(\"h3\", {\n \"id\": \"example\",\n \"style\": {\n \"position\": \"relative\"\n }\n }, mdx(\"a\", {\n parentName: \"h3\",\n \"href\": \"#example\",\n \"aria-label\": \"example permalink\",\n \"className\": \"anchor before\"\n }, mdx(\"svg\", {\n parentName: \"a\",\n \"aria-hidden\": \"true\",\n \"focusable\": \"false\",\n \"height\": \"16\",\n \"version\": \"1.1\",\n \"viewBox\": \"0 0 16 16\",\n \"width\": \"16\"\n }, mdx(\"path\", {\n parentName: \"svg\",\n \"fillRule\": \"evenodd\",\n \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n }))), \"Example:\"), mdx(\"pre\", null, mdx(\"code\", {\n parentName: \"pre\",\n \"className\": \"language-sol\",\n \"metastring\": \"title=packages/evm/contracts/PermissionBuilder.sol highlight={3,4,9,15,16} lineNumbers=true lineOffset=157\",\n \"title\": \"packages/evm/contracts/PermissionBuilder.sol\",\n \"highlight\": \"{3,4,9,15,16}\",\n \"lineNumbers\": \"true\",\n \"lineOffset\": \"157\"\n }, \"function setAllowance(\\n bytes32 key,\\n uint128 balance,\\n uint128 maxBalance,\\n uint128 refill,\\n uint64 period,\\n uint64 timestamp\\n) external onlyOwner {\\n maxBalance = maxBalance > 0 ? maxBalance : type(uint128).max;\\n\\n allowances[key] = Allowance({\\n refill: refill,\\n period: period,\\n timestamp: timestamp,\\n balance: balance,\\n maxBalance: maxBalance\\n });\\n\")), mdx(\"h3\", {\n \"id\": \"recommendation\",\n \"style\": {\n \"position\": \"relative\"\n }\n }, mdx(\"a\", {\n parentName: \"h3\",\n \"href\": \"#recommendation\",\n \"aria-label\": \"recommendation permalink\",\n \"className\": \"anchor before\"\n }, mdx(\"svg\", {\n parentName: \"a\",\n \"aria-hidden\": \"true\",\n \"focusable\": \"false\",\n \"height\": \"16\",\n \"version\": \"1.1\",\n \"viewBox\": \"0 0 16 16\",\n \"width\": \"16\"\n }, mdx(\"path\", {\n parentName: \"svg\",\n \"fillRule\": \"evenodd\",\n \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n }))), \"Recommendation:\"), mdx(\"p\", null, \"We advise the code to re-introduce the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"if-revert\"), \" pattern check present in the original code to ensure that the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"AllowanceTracker\"), \" behaves as expected.\"), mdx(\"h3\", {\n \"id\": \"alleviation-e6d315f9170dcf4c622d504bd2fb6eafbdac9b75\",\n \"style\": {\n \"position\": \"relative\"\n }\n }, mdx(\"a\", {\n parentName: \"h3\",\n \"href\": \"#alleviation-e6d315f9170dcf4c622d504bd2fb6eafbdac9b75\",\n \"aria-label\": \"alleviation e6d315f9170dcf4c622d504bd2fb6eafbdac9b75 permalink\",\n \"className\": \"anchor before\"\n }, mdx(\"svg\", {\n parentName: \"a\",\n \"aria-hidden\": \"true\",\n \"focusable\": \"false\",\n \"height\": \"16\",\n \"version\": \"1.1\",\n \"viewBox\": \"0 0 16 16\",\n \"width\": \"16\"\n }, mdx(\"path\", {\n parentName: \"svg\",\n \"fillRule\": \"evenodd\",\n \"d\": \"M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z\"\n }))), \"Alleviation (e6d315f9170dcf4c622d504bd2fb6eafbdac9b75):\"), mdx(\"p\", null, \"The \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"AllowanceTracker\"), \" and \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"PermissionBuilder\"), \" contracts were slightly refactored to utilize a \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"maxRefill\"), \" notion rather than \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"maxBalance\"), \" notion, with the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"AllowanceTracker::_accruedAllowance\"), \" function measuring whether the present balance is lower than the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"maxRefill\"), \" value and increasing it by the elapsed periods.\"), mdx(\"p\", null, \"Should the balance after the refill is executed exceed the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"maxRefill\"), \" value, it will be set to it to avoid the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"balance\"), \" exceeding the \", mdx(\"inlineCode\", {\n parentName: \"p\"\n }, \"maxRefill\"), \" value \", mdx(\"strong\", {\n parentName: \"p\"\n }, \"when it is refilled\"), \".\"), mdx(\"p\", null, \"As the contract no longer improperly resets the balance to the refill amount if it has been set to a greater value, we consider this exhibit fully alleviated.\"), mdx(\"p\", null, \"We would like to note that a side-effect of the current implementation is that refill periods that have elapsed in the past whilst the balance is greater than the refill threshold will be unaccounted for when the balance needs to refill again.\"), mdx(\"p\", null, \"We consider this a desirable trait that the Gnosis Guild team wishes to enforce.\"));\n}\n;\nMDXContent.isMDXComponent = true;","headings":[{"depth":2,"value":"PBR-01M: Removal of Important Security Check"},{"depth":3,"value":"Description:"},{"depth":3,"value":"Impact:"},{"depth":3,"value":"Example:"},{"depth":3,"value":"Recommendation:"},{"depth":3,"value":"Alleviation (e6d315f9170dcf4c622d504bd2fb6eafbdac9b75):"}]}},"pageContext":{"slug":"/manual-review/PermissionBuilder-PBR/","prev":{"label":"Packer.sol (PRE-M)","link":"/manual-review/Packer-PRE"},"next":{"label":"Topology.sol (TYG-M)","link":"/manual-review/Topology-TYG"}}},"staticQueryHashes":["1954253342","2328931024","2501019404","973074209"]}