CtrlK

Whitelists

Many protocols today implement whitelists for regulatory compliance, here are some common pitfalls and vulnerabilities with such patterns.

Edge Cases & Exploit Vectors

Any whitelisted address can use EIP 7702 to set their own account code that allows non-whitelsited accounts to interact with the protocol

Consider the following scenario:

Assume protocol has a whitelist mapping, where only users who are whitelisted can call function A
Bob is whitelisted for his address 0xFF
Bob uses 7702 to set his 0xFF account code to:

contract {
     address victimSystem;
    
     function callThis(...) external {
           victimSystem.whitelistedFunction(...);
     }
}

Now anyone can call the whitelisted function through calling callThis on 0xFF

Checklist Items

Did you check if EIP 7702 could be used to bypass the whitelist?

Audit References & Resources

M0 Uniswap V4 hook review, L-07: Pectra Upgrade Enables EOAs
Bracket Wrapped Vault Review: M-01: [TODO]

PreviousLayerZero NextThe Auditors Handbook

Last updated 1 minute ago