Tokens with fee on transfer are not supported in TimeswapV2Option.sol
#52
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
duplicate-247
edited-by-warden
satisfactory
satisfies C4 submission criteria; eligible for awards
sponsor acknowledged
Technically the issue is correct, but we're not going to resolve it for XYZ reasons
Comments
code423n4 added the 2 (Med Risk) and bug labels Jan 22, 2023
code423n4 changed the title from "Tokens with fee on transfer are not supposed in TimeswapV2Option.sol" to "Tokens with fee on transfer are not supported in TimeswapV2Option.sol" Jan 25, 2023
c4-judge added the primary issue label Feb 2, 2023
Picodes marked the issue as primary issue
This was referenced Feb 2, 2023
If rebasing tokens will use as option than contract record and contract balance will be unequal
#106
Closed
c4-sponsor added the sponsor disputed label Feb 8, 2023
vhawk19 marked the issue as sponsor disputed
c4-sponsor added the sponsor acknowledged label and removed the sponsor disputed label Feb 8, 2023
vhawk19 marked the issue as sponsor acknowledged
This is currently not supported by design
c4-judge added the duplicate-247 label and removed the primary issue label Feb 12, 2023
Picodes marked issue #247 as primary and marked this issue as a duplicate of 247
Picodes marked the issue as satisfactory
c4-judge added the satisfactory label Feb 12, 2023
Lines of code
https://github.com/code-423n4/2023-01-timeswap/tree/main/packages/v2-option/src/TimeswapV2Option.sol#L220
https://github.com/code-423n4/2023-01-timeswap/tree/main/packages/v2-option/src/TimeswapV2Option.sol#L259
https://github.com/code-423n4/2023-01-timeswap/tree/main/packages/v2-option/src/TimeswapV2Option.sol#L262
Vulnerability details
Some tokens take a transfer fee (e.g. STA, PAXG), some do not currently charge a fee but may do so in the future (e.g. USDT, USDC).
Should a fee-on-transfer token be used, it could be abused to mint more shares. In the current implementation, TimeswapV2Option.sol#swap() and TimeswapV2Option.sol#collect() assume that the received amount is the same as the transfer amount, and use it to calculate funds. As a result, users will be unable to properly use the functionality of the swap and collect functions due to how fee-on-transfer tokens work.
Proof Of Concept
https://github.com/code-423n4/2023-01-timeswap/tree/main/packages/v2-option/src/TimeswapV2Option.sol#L220
https://github.com/code-423n4/2023-01-timeswap/tree/main/packages/v2-option/src/TimeswapV2Option.sol#L259
https://github.com/code-423n4/2023-01-timeswap/tree/main/packages/v2-option/src/TimeswapV2Option.sol#L262
Recommended Mitigation Steps
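The accounting gap described in this report, shown as an added Solidity example that is not part of the original issue or of the Timeswap code base. The contract, function and variable names are hypothetical, and the token is assumed to return a bool from transferFrom as the ERC-20 interface specifies.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration with hypothetical names; not code from TimeswapV2Option.sol.
// Assumption: the token returns a bool from transferFrom, per the ERC-20 interface.
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract FeeAwareVault {
    IERC20 public immutable token;
    mapping(address => uint256) public credited;

    constructor(IERC20 token_) {
        token = token_;
    }

    // The assumption the report flags: the nominal amount is credited.
    // With a token that deducts a fee in transit, the sum of `credited`
    // ends up larger than the balance this contract actually holds.
    function depositAssumed(uint256 amount) external {
        require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
        credited[msg.sender] += amount;
    }

    // Balance-difference accounting: credit only what arrived, so the
    // recorded total always matches the held balance.
    function depositMeasured(uint256 amount) external returns (uint256 received) {
        uint256 balanceBefore = token.balanceOf(address(this));
        require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
        received = token.balanceOf(address(this)) - balanceBefore;
        credited[msg.sender] += received;
    }

    // Alternative when fee-on-transfer tokens are unsupported by design:
    // reject the deposit explicitly instead of recording a wrong amount.
    function depositStrict(uint256 amount) external {
        uint256 balanceBefore = token.balanceOf(address(this));
        require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
        require(token.balanceOf(address(this)) - balanceBefore == amount, "fee-on-transfer unsupported");
        credited[msg.sender] += amount;
    }
}
```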