Vault can be halted by malicious actor #23

@c4-bot-6

Lines of code

https://github.com/code-423n4/2024-05-bakerfi/blob/main/contracts/core/Vault.sol#L203-L209

Vulnerability details

Proof of Concept

The Vault.deposit function checks that total.elastic and total.base are either both 0 or both non-zero; otherwise it reverts.
https://github.com/code-423n4/2024-05-bakerfi/blob/main/contracts/core/Vault.sol#L203-L209

        Rebase memory total = Rebase(_totalAssets(maxPriceAge), totalSupply());
        if (
            // Or the Rebase is unititialized
            !((total.elastic == 0 && total.base == 0) ||
                // Or Both are positive
                (total.base > 0 && total.elastic > 0))
        ) revert InvalidAssetsState();

An attacker can send some Aave collateral to the contract, just to make _totalAssets(maxPriceAge) non-zero before any shares were minted. As a result, no one will be able to deposit.

Impact

An attacker can stop the Vault from working.

Tools Used

VsCode

Recommended Mitigation Steps

I am not sure that check is needed.

Assessed type

Error
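
The state described in the proof of concept can be reproduced in a small model, added here as an illustration (Python, not the project's Solidity and not part of the submission). The share arithmetic, the `receive_collateral` helper and the `strict=False` relaxation are assumptions made for the example.

```python
# Added illustration: a minimal Python model of the state check quoted above.
# Share arithmetic and the relaxed variant are assumptions, not BakerFi code.
from dataclasses import dataclass


class InvalidAssetsState(Exception):
    """Stands in for the Solidity custom error of the same name."""


@dataclass
class VaultModel:
    assets: int = 0      # total.elastic: what _totalAssets(maxPriceAge) reports
    shares: int = 0      # total.base: totalSupply()
    strict: bool = True  # True = check as quoted; False = hypothetical relaxation

    def state_ok(self) -> bool:
        elastic, base = self.assets, self.shares
        if self.strict:
            # The quoted condition: both zero, or both positive.
            return (elastic == 0 and base == 0) or (base > 0 and elastic > 0)
        # Hypothetical relaxation: only shares with no backing assets is invalid.
        return not (base > 0 and elastic == 0)

    def receive_collateral(self, amount: int) -> None:
        # Collateral credited to the vault's position without going through
        # deposit(): assets rise, no shares are minted.
        self.assets += amount

    def deposit(self, amount: int) -> int:
        if not self.state_ok():
            raise InvalidAssetsState()
        # Assumed share math: 1:1 while no shares exist, pro rata afterwards.
        minted = amount if self.shares == 0 else amount * self.shares // self.assets
        self.assets += amount
        self.shares += minted
        return minted


def first_deposit_succeeds(strict: bool, stray_collateral: int) -> bool:
    """Try the first deposit into a fresh vault that already holds collateral."""
    vault = VaultModel(strict=strict)
    vault.receive_collateral(stray_collateral)
    try:
        vault.deposit(10**18)
        return True
    except InvalidAssetsState:
        return False
```

With the strict check, the vault stays stuck in the model because `deposit` is the only path that mints shares, so `shares` can never leave 0 once `assets` is non-zero.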

Labels

2 (Med Risk): Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
🤖_22_group: AI based duplicate group recommendation
bug: Something isn't working
duplicate-37
satisfactory: satisfies C4 submission criteria; eligible for awards
