Solmate's ERC20 does not check for token contract's existence, which opens up possibility for a honeypot attack #48
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
edited-by-warden
M-02
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
Lines of code
https://github.com/code-423n4/2022-11-size/blob/main/src/SizeSealed.sol#L163
Vulnerability details
Description
When bidding, the contract pulls the quote token from the bidder to itself.
https://github.com/code-423n4/2022-11-size/blob/main/src/SizeSealed.sol#L163
However, since the contract uses Solmate's SafeTransferLib
Therefore if the token address is empty, the transfer will succeed silently, but not crediting the contract with any tokens.
This error opens up room for a honeypot attack similar to the Qubit Finance hack in January 2022.
In particular, it has became popular for protocols to deploy their token across multiple networks using the same deploying address, so that they can control the address nonce and ensuring a consistent token address across different networks.
E.g. 1INCH has the same token address on Ethereum and BSC, and GEL token has the same address on Ethereum, Fantom and Polygon. There are other protocols have same contract addresses across different chains, and it's not hard to imagine such thing for their protocol token too, if any.
Proof of Concept
Assuming that Alice is the attacker, Bob is the victim. Alice has two accounts, namely Alice1 and Alice2. Denote token Q as the quote token.
baseToken
, and a token Q as thequoteToken
.1000e18
quote tokens.1001e18
quote tokens.1000e18
refund bid back.As a result, the contract's Q token balance is
1e18
, Alice gets away with all her base tokens and1000e18
Q tokens that are Bob's. Alice has stolen Bob's funds.Tools Used
Manual review
Recommended Mitigation Steps
Consider using OpenZeppelin's SafeERC20 instead, which has checks that an address does indeed have a contract.
The text was updated successfully, but these errors were encountered: