Via deposit() function user can deposit one token to contract and able to withdraw another type of token from contract that may cause some critical problem in future

[code423n4]

Lines of code

https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/StableVault.sol#L44-L51
https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/StableVault.sol#L65-L72

Vulnerability details

Impact

This scenario will have impact when there are multiple token listed to this platform, and due to some reason they have price difference among them. Malicious user simply deposit less valuable token to this platform and withdraw more valuable token from this contract.
Another situation when a stable coin is on verge of collapse(recently happen with UST), Users can front-run delistToken() function by owner and deposit their collapsing token withdraw other token, that will cause other users to suffer from token loss.

Proof of Concept

After depositing one type token, user can able to withdraw any other type of listed token(because in withdrawing case it only check caller's tigris stable token balance and burn those, in return transfer same amount of listed tokens).

Let USDT and DAI have some price difference because DAI is collapsing(Hypothetically)
I deposit() 1000 DAI
Contract mint back 1000 tigris stable token
I notice price difference
I call withdraw() with 1000 tigris stable token with USDT address
Successfully withdraw 1000 USDT
By making these transaction i'm stealing other users funds

There is a delisting option delistToken() available for owner to delist a token any time, but that can be front-runned

    function deposit(address _token, uint256 _amount) public {  
        require(allowed[_token], "Token not listed");
        IERC20(_token).transferFrom(_msgSender(), address(this), _amount);
        IERC20Mintable(stable).mintFor(
            _msgSender(),
            _amount*(10**(18-IERC20Mintable(_token).decimals()))
        );
    }

    function withdraw(address _token, uint256 _amount) external returns (uint256 _output) {
        IERC20Mintable(stable).burnFrom(_msgSender(), _amount);
        _output = _amount/10**(18-IERC20Mintable(_token).decimals());
        IERC20(_token).transfer(
            _msgSender(),
            _output
        );
    }

Tools Used

Manual Review

Recommended Mitigation Steps

Should mint separate tigris stable token for different listed token like other protocol,
Like aave mints different aToken for different listed token.

[GalloDaSballo]

I think you're missing the forest for the tree

The system allows free arbitrage (worsened in case of depeg)

This is akin to a swap

I will dup to the rest of the "no liquidity premium", but I think I'll have to mark as dup at 50%

[c4-judge]

GalloDaSballo marked the issue as duplicate of #462

[c4-judge]

GalloDaSballo changed the severity to 3 (High Risk)

[c4-judge]

GalloDaSballo marked the issue as satisfactory