getNewCurrentFees reverts when minFeePercentage > feeRatio #50
Labels
2 (Med Risk): Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug: Something isn't working
resolved: Finding has been patched by sponsor (sponsor pls link to PR containing fix)
reviewed: Issues that Backd has reviewed (just for internal tracking, can ignore this)
sponsor confirmed: Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
Lines of code
https://github.com/code-423n4/2022-04-backd/blob/c856714a50437cb33240a5964b63687c9876275b/backd/contracts/pool/LiquidityPool.sol#L694
Vulnerability details
Impact
Depositors won't be able to transfer or redeem funds temporarily.
The problem is caused by the implementation of LiquidityPool.getNewCurrentFees:
The last line requires the current feeRatio to be higher than minFeePercentage or the function will revert. When this condition is broken, some critical functions such as transferring tokens and redeeming will be unusable. Affected users need to wait until enough time has elapsed and getNewCurrentFees returns minFeePercentage on L691.
This could happen if governance changes the MinWithdrawalFee to be higher than a user's feeRatio.
Proof of Concept
MinWithdrawalFee is set to 0, MaxWithdrawalFee is set to 0.03e18.
feeRatio is now set to 0.03e18 (the current MaxWithdrawalFee).
MaxWithdrawalFee to 0.05e18 and MinWithdrawalFee to 0.04e18.
minFeePercentage is now higher than Alice's feeRatio and she can't transfer nor redeem the LP token until timeElapsed >= timeToWait.
Recommended Mitigation Steps
Add a new condition in getNewCurrentFees L690 to account for this case:
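Added example, not part of the original report and not Backd's code: a Python model that replays the Proof of Concept numbers through a fee function with Solidity-style checked subtraction. The linear decay formula, the `guarded` condition, the one-week `timeToWait` and all function names are assumptions made for illustration; only the early return and the revert condition come from the report.

```python
# Added model, not Backd's code. The decay formula is an assumption; only the
# early return and the revert condition come from the report.
SCALE = 10**18  # 1e18 fixed-point, matching the 0.03e18-style values in the report


class Revert(Exception):
    """Stands in for a Solidity 0.8 checked-arithmetic revert."""


def checked_sub(a: int, b: int) -> int:
    # uint256 subtraction reverts on underflow instead of wrapping
    if b > a:
        raise Revert(f"underflow: {a} - {b}")
    return a - b


def get_new_current_fees(time_to_wait, time_elapsed, fee_ratio, min_fee, guarded=False):
    # Early return described in the report (L691): enough time has elapsed.
    if time_elapsed >= time_to_wait:
        return min_fee
    # Assumed mitigation: treat a raised minimum as the fee floor right away.
    if guarded and min_fee > fee_ratio:
        return min_fee
    elapsed_share = time_elapsed * SCALE // time_to_wait
    # Assumed linear decay from fee_ratio toward min_fee; the inner subtraction
    # is where fee_ratio < min_fee reverts.
    decay = checked_sub(fee_ratio, min_fee) * elapsed_share // SCALE
    return checked_sub(fee_ratio, decay)


def replay_poc(guarded: bool):
    """Replay the report's numbers; returns (fee_before_change, outcome_after_change)."""
    week = 7 * 24 * 3600          # constructed timeToWait
    elapsed = week // 2           # constructed: halfway through the wait
    alice_fee_ratio = 3 * 10**16  # 0.03e18, the MaxWithdrawalFee at deposit
    before = get_new_current_fees(week, elapsed, alice_fee_ratio, 0, guarded)
    try:
        after = get_new_current_fees(week, elapsed, alice_fee_ratio, 4 * 10**16, guarded)
    except Revert:
        after = "revert"
    return before, after
```

A regression test for the real contract would assert the same two outcomes: no revert for an existing depositor after the minimum fee is raised, and the returned fee equal to the new minimum.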