-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unbounded userTokens
growth
#988
Labels
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-1503
grade-a
insufficient quality report
This report is not of sufficient quality
Q-46
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
Comments
c4-bot-3
added
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
labels
Jan 16, 2024
c4-pre-sort
added
the
insufficient quality report
This report is not of sufficient quality
label
Jan 17, 2024
raymondfam marked the issue as insufficient quality report |
raymondfam marked the issue as duplicate of #684 |
alcueca changed the severity to 3 (High Risk) |
c4-judge
added
3 (High Risk)
Assets can be stolen/lost/compromised directly
upgraded by judge
Original issue severity upgraded from QA/Gas by judge
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
downgraded by judge
Judge downgraded the risk level of this issue
and removed
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
3 (High Risk)
Assets can be stolen/lost/compromised directly
upgraded by judge
Original issue severity upgraded from QA/Gas by judge
labels
Feb 1, 2024
alcueca changed the severity to 2 (Med Risk) |
c4-judge
added
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
and removed
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
labels
Feb 1, 2024
alcueca changed the severity to QA (Quality Assurance) |
alcueca marked the issue as grade-b |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-1503
grade-a
insufficient quality report
This report is not of sufficient quality
Q-46
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
Lines of code
https://github.com/code-423n4/2024-01-curves/blob/516aedb7b9a8d341d0d2666c23780d2bd8a9a600/contracts/FeeSplitter.sol#L99
Vulnerability details
Impact
In FeeSplitter, function onBalanceChange updates the array of user's tokens if the user's balance is non-zero. However, due to not checking if the token is already present nor a way to remove tokens, the array will keep growing indefinitely. For example, as it is used by
getUserTokensAndClaimable
, it will iterate through both repeated and zero-balance tokens, and depending on the size either it will always revert or will require users to pay a huge amount of gas.Proof of concept
Arrays in Solidity are not sets, which means you can have repeated elements. If we go to the definition of
userTokens
in:FeeSplitter, line 29
we see it maps user addresses with an array of associated tokens. Now, if we go to:
FeeSplitter, onBalancechange
we see that if the user's token balance is non-zero, it will append the token address to its associated
userToken
array. Such a function is called by:Curves::_buyCurvesToken -> Curves:: _transferFee -> FeeSplitter::onBalanceChange
(as well as its public functions)Curves::sellCurvesToken -> Curves:: _transferFee -> FeeSplitter::onBalanceChange
As users can buy multiple times the same
curvesTokenSubject
, as well as selling them in little batches, which makes its balance non-zero in those situations, it will keep pushing the samecurvesTokenSubject
touserTokens
again and again in every buy/sell operation. Because of that, the next situations arise:getUserTokens
,getUserTokensAndClaimable
norbatchClaiming
due to memory expansion eating all the transaction gas, triggering a return bombuserTokens
when callinggetUserTokensAndClaimable
, paying a huge amount of gas as it will loop through correct tokens, repeated ones as well as those the user sold, that is, its balance is zero but they remain there as there is no way to remove them.Recommended Mitigation Steps
Use OZ EnumerableSet instead of a vanilla Solidity array and implement a "remover" so that users can remove tokens whose balance is$0$ (for example, after selling all the associated curves token).
Assessed type
Loop
The text was updated successfully, but these errors were encountered: