ERC4626Cloned deposit and mint logic differ on first deposit #588
Labels
3 (High Risk): Assets can be stolen/lost/compromised directly
bug: Something isn't working
H-02
primary issue: Highest quality submission among a set of duplicates
satisfactory: satisfies C4 submission criteria; eligible for awards
selected for report: This submission will be included/highlighted in the audit report
sponsor confirmed: Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
upgraded by judge: Original issue severity upgraded from QA/Gas by judge
Comments
code423n4 added the 2 (Med Risk) (Assets not at direct risk, but function/availability of the protocol could be impacted or leak value) and bug labels Jan 19, 2023
c4-judge added the primary issue label Jan 23, 2023
Picodes marked the issue as primary issue
This was referenced Jan 23, 2023
c4-sponsor added the sponsor confirmed label Jan 31, 2023
androolloyd marked the issue as sponsor confirmed
@androolloyd how should we handle this along with #367?
Picodes marked the issue as satisfactory
c4-judge added satisfactory, 3 (High Risk), upgraded by judge and removed 2 (Med Risk) labels Feb 19, 2023
Picodes changed the severity to 3 (High Risk)
c4-judge added the selected for report label Feb 24, 2023
Picodes marked the issue as selected for report
Lines of code
https://github.com/AstariaXYZ/astaria-gpl/blob/4b49fe993d9b807fe68b3421ee7f2fe91267c9ef/src/ERC4626-Cloned.sol#L123-L127
https://github.com/AstariaXYZ/astaria-gpl/blob/4b49fe993d9b807fe68b3421ee7f2fe91267c9ef/src/ERC4626-Cloned.sol#L129-L133
Vulnerability details
The `ERC4626Cloned` contract is an implementation of the ERC4626 used for vaults. The standard contains a `deposit` function to deposit a specific amount of the underlying asset, and a `mint` function that will calculate the amount needed of the underlying token to mint a specific number of shares.
This calculation is done in `previewDeposit` and `previewMint`:
https://github.com/AstariaXYZ/astaria-gpl/blob/4b49fe993d9b807fe68b3421ee7f2fe91267c9ef/src/ERC4626-Cloned.sol#L123-L127
https://github.com/AstariaXYZ/astaria-gpl/blob/4b49fe993d9b807fe68b3421ee7f2fe91267c9ef/src/ERC4626-Cloned.sol#L129-L133
In the case of the first deposit (i.e. when `supply == 0`), `previewDeposit` will return the same `assets` amount for the shares (this is the standard implementation), while `previewMint` will simply return `10e18`.
Impact
It seems the intention was to mint a high initial number of shares on first deposit, so an attacker couldn't mint a low number of shares and manipulate the pool to frontrun an initial depositor.
However, the protocol has failed to replicate this logic in the `deposit` function, as both `deposit` and `mint` logic differ (see PoC).
An attacker can still use the `deposit` function to mint any number of shares.
PoC
Recommendation
The `deposit` function should also implement the same logic as the `mint` function for the case of the first depositor.
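
The pricing mismatch this report describes, modelled in Python as an added example; it is not Astaria's code and not the report's PoC. The `supply == 0` branches follow the report's description, the non-empty branches are assumed to be the standard ERC4626 round-down and round-up conversions, and `VaultModel`, `rounding_slack`, `entry_points_agree` and `audit_first_deposit` are hypothetical names. The check is the kind of invariant a vault test suite can assert so the two entry points cannot drift apart.

```python
from dataclasses import dataclass

FIRST_MINT_COST = 10 * 10**18  # the Solidity literal 10e18 quoted in the report

@dataclass
class VaultModel:  # hypothetical model, not the contract's code
    total_assets: int = 0
    total_supply: int = 0

    def preview_deposit(self, assets: int) -> int:
        """Shares received for `assets`."""
        if self.total_supply == 0:
            return assets  # report: first deposit mints 1:1
        # Assumption: standard ERC4626 round-down conversion
        return assets * self.total_supply // self.total_assets

    def preview_mint(self, shares: int) -> int:
        """Assets charged for `shares`."""
        if self.total_supply == 0:
            return FIRST_MINT_COST  # report: flat cost, whatever `shares` is
        # Assumption: standard ERC4626 round-up conversion
        return -(-shares * self.total_assets // self.total_supply)

def rounding_slack(vault: VaultModel) -> int:
    """Largest honest round-trip loss: one share's worth of assets, rounded up."""
    if vault.total_supply == 0:
        return 1
    return -(-vault.total_assets // vault.total_supply)

def entry_points_agree(vault: VaultModel, assets: int) -> bool:
    """Invariant: the shares deposit() grants for `assets` must cost about
    `assets` through mint(), up to rounding."""
    shares = vault.preview_deposit(assets)
    return abs(vault.preview_mint(shares) - assets) <= rounding_slack(vault)

def audit_first_deposit(amounts):
    """Deposit sizes that an empty vault prices differently on the two paths."""
    return [a for a in amounts if not entry_points_agree(VaultModel(), a)]

if __name__ == "__main__":
    samples = [1, 10**6, 10**18, FIRST_MINT_COST]  # constructed inputs
    print("mismatch on empty vault:", audit_first_deposit(samples))
    seeded = VaultModel(total_assets=3 * 10**18, total_supply=10**18)
    print("seeded vault consistent:", all(entry_points_agree(seeded, a) for a in samples))
```

On the empty vault the two paths agree only when the deposit happens to equal `10e18`; once supply is non-zero the assumed standard formulas agree to within rounding.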