Attackers can manipulate ERC4626 price per share to take an unfair share of future users #339
Labels
3 (High Risk)
Assets can be stolen/lost/compromised directly
bug
Something isn't working
duplicate-275
satisfactory
satisfies C4 submission criteria; eligible for awards
upgraded by judge
Original issue severity upgraded from QA/Gas by judge
Lines of code
https://github.com/code-423n4/2022-11-redactedcartel/blob/03b71a8d395c02324cb9fdaf92401357da5b19d1/src/vaults/PirexERC4626.sol#L60
https://github.com/code-423n4/2022-11-redactedcartel/blob/03b71a8d395c02324cb9fdaf92401357da5b19d1/src/vaults/PirexERC4626.sol#L80
Vulnerability details
Impact
The attacker can get funds from future users, and the future users will lose their funds.
Proof of Concept
A malicious early user can deposit() 1 wei of the asset token and receive 1 wei of shares. They can then send 10000e18 - 1 of asset tokens to the vault and inflate the price per share from 1 to an extreme value of 1e22:
(1 + 10000e18 - 1) / 1 = 1e22
A future user who deposits 19999e18 will receive only 1 wei of share tokens:
19999e18 * 1 / 10000e18 = 1
They would lose 9999e18 if they redeem() right after the deposit().
Tools Used
Manual Review
Recommended Mitigation Steps
Require a minimum amount of shares in the deposit and mint functions.
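The following is an added example, not code from PirexERC4626.sol or from the report's author: a small integer model that replays the Proof of Concept numbers and then applies one reading of the mitigation, a vault-enforced floor on minted shares. The names Vault, donate, min_shares and first_deposit, and the floor value 1000, are assumptions made for illustration.

```python
# Added illustration: integer model of the round-down share math used in the
# report (shares = assets * totalSupply / totalAssets). All names are hypothetical.
E18 = 10**18


class Vault:
    def __init__(self, min_shares=0):
        self.total_assets = 0         # asset tokens held by the vault
        self.total_supply = 0         # shares in circulation
        self.min_shares = min_shares  # assumed mitigation: floor on minted shares

    def preview_deposit(self, assets):
        # First deposit mints 1:1; later deposits round down.
        if self.total_supply == 0:
            return assets
        return assets * self.total_supply // self.total_assets

    def deposit(self, assets):
        shares = self.preview_deposit(assets)
        if shares < self.min_shares:
            raise ValueError("minted shares below minimum")
        self.total_assets += assets
        self.total_supply += shares
        return shares

    def donate(self, assets):
        # Plain token transfer to the vault: assets rise, no shares are minted.
        self.total_assets += assets


def run_scenario(min_shares=0, first_deposit=1):
    """Replay the report's sequence.

    Returns (victim_shares, uncredited): uncredited is the part of the
    victim's deposit not covered by shares at the pre-deposit share price.
    """
    vault = Vault(min_shares)
    vault.deposit(first_deposit)            # early user
    vault.donate(10000 * E18 - 1)           # inflate price per share
    price = vault.total_assets // vault.total_supply
    victim_assets = 19999 * E18
    victim_shares = vault.deposit(victim_assets)
    return victim_shares, victim_assets - victim_shares * price


if __name__ == "__main__":
    print("no floor:  ", run_scenario())
    print("floor 1000:", run_scenario(min_shares=1000, first_deposit=1000))
```

With no floor the later depositor gets 1 share and 9999e18 of the deposit is rounded away. With the floor, a 1 wei first deposit is rejected, and an early user who meets the floor and sends the same amount leaves only 9e18 rounded away.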