Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RdpxV2Core._curveSwap minOut calculated wrongly when swapping dpxETH for ETH #1827

Closed
code423n4 opened this issue Sep 5, 2023 · 5 comments
Closed

RdpxV2Core._curveSwap minOut calculated wrongly when swapping dpxETH for ETH #1827

code423n4 opened this issue Sep 5, 2023 · 5 comments
Labels
2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working duplicate-1558 partial-50 Incomplete articulation of vulnerability; eligible for partial credit only (50%)

Comments

@code423n4
Copy link
Contributor

Lines of code

https://github.com/code-423n4/2023-08-dopex/blob/eb4d4a201b3a75dd4bddc74a34e9c42c71d0d12f/contracts/core/RdpxV2Core.sol#L548-L549

Vulnerability details

This minOut calculation underestimate assets price:
https://github.com/code-423n4/2023-08-dopex/blob/eb4d4a201b3a75dd4bddc74a34e9c42c71d0d12f/contracts/core/RdpxV2Core.sol#L548-L549

Impact

Swap sandwitch attack and big slippage if minAmount = 0 (not set) when calling RdpxV2Core.upperDepeg

Proof of Concept

This executes when _ethToDpxEth = false => swapping dpxETH to ETH => upper depeg (1 eth < 1 dpxETH) => getEthPrice() < 1e8 (return eth price in dpxETH)
Consider extreme case:

_amount = 1e18 (swap in 1 dpxETH)
getEthPrice() = 0.5e8 (1 dpxETH = 2 eth)
slippageTolerance = 5e5

(((_amount * getEthPrice()) / 1e8) -
(((_amount * getEthPrice()) * slippageTolerance) / 1e16))
= 0.4975e18

That is swapping 1 dpxETH to weth with miOut = 0.4975e18, when 1 dpxETH = 2 eth

Tools Used

Manual Review

Recommended Mitigation Steps

Flip price and use insted

(((_amount * 1e8) / getEthPrice()) -
(((_amount * 1e8) * slippageTolerance) / (getEthPrice() * 1e16)))

This gives minOut = 1.99e18, which is correct

Assessed type

Math
@code423n4 code423n4 added 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working labels Sep 5, 2023
code423n4 added a commit that referenced this issue Sep 5, 2023
@code423n4
wintermute issue #1827
04c76b2
@c4-pre-sort
Copy link

bytes032 marked the issue as duplicate of #2172

@c4-pre-sort
Copy link

bytes032 marked the issue as not a duplicate

@c4-pre-sort c4-pre-sort reopened this Sep 12, 2023
@c4-pre-sort
Copy link

bytes032 marked the issue as duplicate of #970

@c4-judge
Copy link
Contributor

GalloDaSballo marked the issue as partial-50

@c4-judge c4-judge added the partial-50 Incomplete articulation of vulnerability; eligible for partial credit only (50%) label Oct 18, 2023
@GalloDaSballo
Copy link

Partially valid

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working duplicate-1558 partial-50 Incomplete articulation of vulnerability; eligible for partial credit only (50%)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@GalloDaSballo @code423n4 @c4-judge @c4-pre-sort