First depositor can break the minting of shares #736
Labels
3 (High Risk): Assets can be stolen/lost/compromised directly
bug: Something isn't working
duplicate-209
satisfactory: satisfies C4 submission criteria; eligible for awards
Lines of code
https://github.com/code-423n4/2022-12-gogopool/blob/aec9928d8bdce8a5a4efe45f54c39d4fc7313731/contracts/contract/tokens/TokenggAVAX.sol#L99
Vulnerability details
An early depositor can break the future minting of shares by minting a very small number of shares, but donating a large amount of AVAX during the reward period, such that each wei of ggAVAX is worth a large amount.
Impact
If one wei of ggAVAX is worth, say, 1 Eth of AVAX, and a user calls deposit() with a value less than this amount, the number of shares they get back rounds down to zero due to loss of precision and the call will revert, essentially bricking the contract for users with small amounts. If a user instead deposits an amount larger than 1 Eth, the amount over 1 Eth is given to all shareholders due to loss of precision.
Proof of Concept
An attacker can deposit 1 wei of AVAX, then transfer a large amount of AVAX to the TokenggAVAX contract via a selfdestruct(), then call syncRewards(). That function will convert the balance of the contract to lastRewardsAmt...:
https://github.com/code-423n4/2022-12-gogopool/blob/aec9928d8bdce8a5a4efe45f54c39d4fc7313731/contracts/contract/tokens/TokenggAVAX.sol#L99-L104
...which is used in totalAssets() either in the next period, or proportionally in the current period, depending on how much time has elapsed...:
https://github.com/code-423n4/2022-12-gogopool/blob/aec9928d8bdce8a5a4efe45f54c39d4fc7313731/contracts/contract/tokens/TokenggAVAX.sol#L120-L130
...and that total is used to determine the worth of every share during minting:
https://github.com/code-423n4/2022-12-gogopool/blob/aec9928d8bdce8a5a4efe45f54c39d4fc7313731/contracts/contract/tokens/upgradeable/ERC4626Upgradeable.sol#L120-L124
Tools Used
Code inspection
Recommended Mitigation Steps
Upon initialization, mint an initial amount of shares to an address that is not able to withdraw them
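The rounding described under Impact and the effect of the recommended mitigation, as an added integer-arithmetic model in Python (not code from the report or from the GoGoPool contracts). The names VaultModel and later_deposit, the 1:1 backing of the initial shares and the figure of 1000 initial shares are assumptions made for illustration.

```python
WEI = 10**18  # wei per whole AVAX (the report's "1 Eth")

class VaultModel:
    """Integer-only model of ERC4626-style share accounting."""

    def __init__(self, dead_shares=0):
        # Mitigation: shares minted at initialization to an address that can
        # never withdraw; assumed here to be backed 1:1 by assets.
        self.total_assets = dead_shares
        self.total_supply = dead_shares

    def convert_to_shares(self, assets):
        if self.total_supply == 0:
            return assets  # first deposit mints 1:1
        return assets * self.total_supply // self.total_assets  # rounds down

    def deposit(self, assets):
        shares = self.convert_to_shares(assets)
        if shares == 0:
            raise ValueError("zero shares")  # models the revert the report describes
        self.total_assets += assets
        self.total_supply += shares
        return shares

    def donate(self, assets):
        # Balance added outside deposit() and, by assumption, already fully
        # counted by totalAssets() (the reward-period streaming is skipped).
        self.total_assets += assets


def later_deposit(dead_shares, donation, amount):
    """Return (shares, redeemable_assets) for a later depositor, or None on revert."""
    vault = VaultModel(dead_shares)
    vault.deposit(1)        # first depositor mints with 1 wei
    vault.donate(donation)  # share price inflated without minting
    try:
        shares = vault.deposit(amount)
    except ValueError:
        return None
    return shares, shares * vault.total_assets // vault.total_supply


if __name__ == "__main__":
    for dead in (0, 1000):
        for amount in (WEI // 2, 19 * WEI // 10):
            print(dead, amount, later_deposit(dead, WEI - 1, amount))
```

Without initial shares, a 0.5 AVAX deposit reverts and a 1.9 AVAX deposit is redeemable for only 1.45 AVAX; with 1000 initial shares, the same 0.5 AVAX deposit mints 500 shares and keeps over 99.9% of its value.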