Users could potentially pay very high gas fees even for simple rigidRedemption
#798
Labels
- 2 (Med Risk): Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
- bug: Something isn't working
- low quality report: This report is of especially low quality
- unsatisfactory: does not satisfy C4 submission criteria; not eligible for awards
Lines of code
https://github.com/code-423n4/2023-06-lybra/blob/7b73ef2fbb542b569e182d9abf79be643ca883ee/contracts/lybra/pools/base/LybraPeUSDVaultBase.sol#L110-L114
https://github.com/code-423n4/2023-06-lybra/blob/7b73ef2fbb542b569e182d9abf79be643ca883ee/contracts/lybra/pools/base/LybraPeUSDVaultBase.sol#L125-L134
https://github.com/code-423n4/2023-06-lybra/blob/7b73ef2fbb542b569e182d9abf79be643ca883ee/contracts/lybra/pools/base/LybraPeUSDVaultBase.sol#L157-L163
https://github.com/code-423n4/2023-06-lybra/blob/7b73ef2fbb542b569e182d9abf79be643ca883ee/contracts/lybra/pools/base/LybraPeUSDVaultBase.sol#L192-L205
https://github.com/code-423n4/2023-06-lybra/blob/7b73ef2fbb542b569e182d9abf79be643ca883ee/contracts/lybra/configuration/LybraConfigurator.sol#L289-L308
Vulnerability details
When users do `LybraPeUSDVaultBase::rigidRedemption` (or `liquidation`, or `burn`), `_repay` is called. It will buy some amount of collateral for `PEUSD`. Then it will call `configurator.distributeRewards`. `distributeRewards` will:

- check the `PEUSD` balance, and if it is greater than or equal to `1000`, send it to `lybraProtocolRewardsPool`;
- check the `EUSD` balance, and if it is greater than `1000`, potentially exchange it for some other stablecoin on a Curve pool.

Exchanging on a Curve pool may be a very costly operation in terms of gas, so if it executes, the user will have to pay a high fee for it, although the operation has nothing to do with them.
It won't happen by itself, since `LybraEUSDVaultBase` doesn't call `configurator.distributeRewards`, and if `configurator.distributeRewards` is called from `LybraPeUSDVaultBase`, the `EUSD` balance of `configurator` will not increase. However, it is possible to perform a griefing attack: when some user sees that `EUSD.balanceOf(configurator)` is close to `1000`, say `998`, that user may simply `transfer` `2 + ε` dollars to `configurator`, so that if `configurator.distributeRewards` is called from `LybraPeUSDVaultBase`, the user who performs a rigid redemption, for example, will be forced to execute a (possibly very gas-expensive) Curve swap.

Impact
It is a loss of assets for the user: although the protocol gets a small amount of dollars, such a "poisoned" transaction may cost the user even several dozen dollars.
It is also conditional, because `EUSD.balanceOf(configurator)` has to be close to `1000` (if an attacker is willing to spend up to $10 for such an attack, there is a 1% chance he will be able to do it at any given moment; this way, the attacker could spend considerably less than his victim, although he will have to pay for the attack). Since it leads to loss of assets and is conditional, the finding is submitted as Medium.
Proof of Concept
1. Alice wants to swap 1000 PEUSD for WBETH, but swaps on Uniswap cost over $100, and no liquidations are possible in `LybraWbETHVault`. So she finds a redemption provider and decides to buy some of his `WBETH` at the market price.
2. There are 999 EUSD in the configurator, and Bob, who hates the Lybra protocol, sends `1 + ε EUSD` to the configurator so that the next person who calls `distributeRewards` will have to pay a lot for the transaction.
3. The `EUSD` market price is strong enough (so `1 EUSD >= 1.005 USDC`, assuming `USDC` is `stableToken`).
4. `premiumTradingEnabled = true`.
5. Alice calls `LybraWbETHVault::rigidRedemption` in order to swap her `EUSD`, but instead of paying $100, she expects to pay considerably less, say $20.
6. In `rigidRedemption`, `distributeRewards` will be called, and since `EUSD.balanceOf(configurator) > 1000`, `if(!premiumTradingEnabled || price <= 1005000)` will be evaluated and will evaluate to false, hence the Curve swap will be performed.
7. The `EUSD.transfer()` of `1 EUSD` is far cheaper than the Curve swap that Alice was forced to execute.

Tools Used
VS Code
Recommended Mitigation Steps
Do one of the following:
- Add a parameter to `distributeRewards` that tells whether `PEUSD` or `EUSD` should be handled there, and call `distributeRewards` with different parameter values from `LybraPeUSDVaultBase` and `LybraEUSDVaultBase`.
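The following is an added illustration of the parameterised-`distributeRewards` mitigation; it is hypothetical code written for this note, not Lybra's `LybraConfigurator` or `LybraPeUSDVaultBase`. The contract names (`SplitRewardConfigurator`, `PeUSDVaultExample`), the `RewardAsset` enum, the `IPriceFeed`/`ICurvePool` interfaces, the 18-decimal threshold and the 6-decimal price scale are all assumptions. The point it shows is that a PeUSD vault selects the `PEUSD` branch explicitly, so an `EUSD` balance that an outsider pushes over the threshold can no longer make a `rigidRedemption` caller pay for the Curve swap.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Hypothetical, simplified code for illustration; not the Lybra project's contracts.

interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transfer(address to, uint256 amount) external returns (bool);
    function approve(address spender, uint256 amount) external returns (bool);
}

// Assumed minimal Curve-style pool interface (coin indexes are illustrative).
interface ICurvePool {
    function exchange_underlying(int128 i, int128 j, uint256 dx, uint256 minDy) external returns (uint256);
}

// Assumed price feed: EUSD/USD with 6 decimals, so 1_005_000 == $1.005.
interface IPriceFeed {
    function eusdPrice() external view returns (uint256);
}

contract SplitRewardConfigurator {
    // The calling vault states which stablecoin it is allowed to distribute.
    enum RewardAsset { PEUSD, EUSD }

    uint256 public constant DISTRIBUTION_THRESHOLD = 1000e18; // assumed 18-decimal tokens
    uint256 public constant PREMIUM_PRICE = 1_005_000;         // $1.005, 6 decimals

    IERC20 public immutable peUSD;
    IERC20 public immutable EUSD;
    IERC20 public immutable stableToken;
    ICurvePool public immutable curvePool;
    IPriceFeed public immutable priceFeed;
    address public immutable lybraProtocolRewardsPool;

    bool public premiumTradingEnabled;
    mapping(address => bool) public isPeUSDVault; // set by owner in a real deployment (omitted)
    mapping(address => bool) public isEUSDVault;

    constructor(
        IERC20 _peUSD, IERC20 _EUSD, IERC20 _stableToken,
        ICurvePool _curvePool, IPriceFeed _priceFeed, address _rewardsPool
    ) {
        peUSD = _peUSD;
        EUSD = _EUSD;
        stableToken = _stableToken;
        curvePool = _curvePool;
        priceFeed = _priceFeed;
        lybraProtocolRewardsPool = _rewardsPool;
    }

    // Each branch is reachable only by the vault type whose token it handles,
    // so a PeUSD user's transaction never executes the EUSD -> Curve path.
    function distributeRewards(RewardAsset asset) external {
        if (asset == RewardAsset.PEUSD) {
            require(isPeUSDVault[msg.sender], "caller is not a PeUSD vault");
            _distributePeUSD();
        } else {
            require(isEUSDVault[msg.sender], "caller is not an EUSD vault");
            _distributeEUSD();
        }
    }

    function _distributePeUSD() internal {
        uint256 balance = peUSD.balanceOf(address(this));
        if (balance >= DISTRIBUTION_THRESHOLD) {
            require(peUSD.transfer(lybraProtocolRewardsPool, balance), "transfer failed");
        }
    }

    function _distributeEUSD() internal {
        uint256 balance = EUSD.balanceOf(address(this));
        if (balance <= DISTRIBUTION_THRESHOLD) return;
        uint256 price = priceFeed.eusdPrice();
        if (!premiumTradingEnabled || price <= PREMIUM_PRICE) {
            require(EUSD.transfer(lybraProtocolRewardsPool, balance), "transfer failed");
        } else {
            // The gas-heavy swap. minDy demands at least par, assuming 18-dec EUSD and 6-dec stableToken.
            require(EUSD.approve(address(curvePool), balance), "approve failed");
            uint256 received = curvePool.exchange_underlying(0, 2, balance, balance / 1e12);
            require(stableToken.transfer(lybraProtocolRewardsPool, received), "transfer failed");
        }
    }
}

// Hypothetical PeUSD vault fragment showing the call site after the change.
contract PeUSDVaultExample {
    SplitRewardConfigurator public immutable configurator;

    constructor(SplitRewardConfigurator _configurator) { configurator = _configurator; }

    function _repay(address onBehalfOf, uint256 amount) internal {
        // ... burn PeUSD and update the borrow of onBehalfOf by amount (omitted) ...
        configurator.distributeRewards(SplitRewardConfigurator.RewardAsset.PEUSD);
    }
}
```

With this shape, an `EUSD.transfer()` into the configurator changes nothing for PeUSD vault users: the `EUSD` balance is only ever examined when an EUSD vault calls `distributeRewards(RewardAsset.EUSD)`, which is the caller that actually accrues that balance.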
Assessed type
Other