Subtle mint/deposit limit invariant can easily be sidestepped #277
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
🤖_61_group
AI based duplicate group recommendation
unsatisfactory
does not satisfy C4 submission criteria; not eligible for awards
Lines of code
https://github.com/code-423n4/2024-04-panoptic/blob/833312ebd600665b577fbd9c03ffa0daf250ed24/contracts/CollateralTracker.sol#L417-L441
Vulnerability details
Proof of Concept
Take a look at https://github.com/code-423n4/2024-04-panoptic/blob/833312ebd600665b577fbd9c03ffa0daf250ed24/contracts/CollateralTracker.sol#L417-L441
And https://github.com/code-423n4/2024-04-panoptic/blob/833312ebd600665b577fbd9c03ffa0daf250ed24/contracts/CollateralTracker.sol#L477-L501
Evidently, we can see that the
CollateralTracker
includes functionalities for depositing assets and minting shares, with a maximum limit of(2 ** 104) - 1
for both assets and shares. However, the contract lacks a mechanism to verify if a user already owns a portion of the maximum limit, allowing for the bypassing of this invariant. Specifically, an attacker could circumvent this limit by dividing their intended deposit or mint into multiple transactions (instead of directly attempting to mint(2 ** 104)
which is >(2 ** 104) - 1
, they divide it into two), thereby accumulating more than the maximum limit.Impact
The absence of a check for a user's existing assets before allowing a deposit or mint operation allows anyone to bypass the subtle invariant of having a limit attached to deposits/mints.
Recommended Mitigation Steps
Before processing a deposit or mint operation, consider verifying the user's current assets, i.e If the addition of the current transaction would exceed the maximum limit, the operation should be reverted.
Assessed type
ERC4626
The text was updated successfully, but these errors were encountered: