Trusted forwarder manipulation

Summary

The _approvedForwarderSenders mapping is publicly accessible and can be manipulated by an attacker to add or remove trusted forwarders, leading to potential security risks.

Vulnerability Detail

The _approvedForwarderSenders mapping in the TellerV2Context.sol contract is publicly accessible. This allows an attacker to potentially manipulate the mapping by adding or removing trusted forwarders, which could result in security risks for the platform.

Impact

Potential security risks, compromised platform integrity, and unauthorized actions performed within the contract.

Code Snippet

https://github.com/sherlock-audit/2023-03-teller/blob/main/teller-protocol-v2/packages/contracts/contracts/TellerV2Context.sol#L61

https://github.com/sherlock-audit/2023-03-teller/blob/main/teller-protocol-v2/packages/contracts/contracts/TellerV2Context.sol#L94

https://github.com/sherlock-audit/2023-03-teller/blob/main/teller-protocol-v2/packages/contracts/contracts/TellerV2Context.sol#L116

Tool used

Manual Review

Recommendation

Restrict the access to the _approvedForwarderSenders mapping by implementing access controls or limiting its visibility. This will help protect the platform from unauthorized manipulation and improve its overall security.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

042.md

042.md

Trusted forwarder manipulation

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

Files

042.md

Latest commit

History

042.md

File metadata and controls

Trusted forwarder manipulation

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation