Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rewards can be stolen by re-entering into updateDistribution #134

Closed
code423n4 opened this issue Jan 6, 2022 · 1 comment
Closed

Rewards can be stolen by re-entering into updateDistribution #134

code423n4 opened this issue Jan 6, 2022 · 1 comment
Labels
3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working duplicate This issue or pull request already exists sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")

Comments

@code423n4
Copy link
Contributor

Handle

cmichel

Vulnerability details

The XDEFIDistribution.updateDistribution function does not have re-entrancy locks and can be called from lock -> _lock -> safeMint which gives control back to the msg.sender if it is a contract by performing msg.sender.onERC721Received(...).

As the totalDepositedXDEFI is not yet updated with the locked amount at the time of calling safeMint, re-entering into updateDistribution will count the deposited amount as rewards and distribute them to all previous holders by increasing _pointsPerUnit.

POC

For simplicity, assume there's a zero-second locking duration and all these actions can be done in a single transaction.
It also leads to loss of funds in the case where there's no zero-second locking duration.

  • Attacker locks tokens, gets NFT_1
  • Attacker locks tokens again from a smart contract calling lock and has an onERC721Received receiver function. The _lock's safeMint will call this function with NFT_2 and the attacker calls updateDistribution which distributes the locked amount as a reward to all previous stakers, including themself as part of owning NFT_1.
  • Attacker unlocks NFT_1, receives the original lock amount in addition to part of the second lock's deposit amount.
  • Attacker unlocks NFT_2, receives the original lock amount.
  • The attacker's profit is part of the second lock amount. The share can be maximized by locking more tokens in NFT_1. The attacker's profit is the protocol's loss.

Impact

Funds can be stolen from the contract.

Recommended Mitigation Steps

  1. Use _mint instead of _safeMint.
  2. Add re-entrancy locks to updateDistribution and migrate.
@code423n4 code423n4 added 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working labels Jan 6, 2022
code423n4 added a commit that referenced this issue Jan 6, 2022
@deluca-mike
Copy link
Collaborator

Valid, and duplicate of #25

@deluca-mike deluca-mike added duplicate This issue or pull request already exists sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") labels Jan 9, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working duplicate This issue or pull request already exists sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
Projects
None yet
Development

No branches or pull requests

3 participants