You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Mar 3, 2024. It is now read-only.
DuplicateA valid issue that is a duplicate of an issue with `Has Duplicates` labelHighA valid High severity issueRewardA payout will be made for this issue
User can pay double amount in Vault Router and Excess amount can be stolen
Summary
In case, the vault's asset is weth and user wants to pay in eth which is accepted by the contract, user can end up forced to pay twice. Furthermore, this excess amount can be stolen by anyone.
Vulnerability Detail
Same vulnerability exists in both mint and deposit functions in LMPVaultRouterBase contract. So focusing on just mint function for details.
mint function in LMPVaultRouterBase contract is a publicly access function which any user can use to mint shares of any vault by depositing the base asset of that vault.
Here's the scenario of how User can end up paying double the asset:
Assume Alice wants to mint shares of a vault whose underlying base asset is weth.
Alice sends the 2 ethers while calling mint function to get it's equivalent of shares from the vault.
The contract will call _processEthIn(vault) to check whether the underlying asset is weth or not.
File: LMPVaultRouterBase.sol
function _processEthIn(ILMPVault vault) internal {
// if any eth sent, wrap it firstif (msg.value>0) {
// if asset is not weth, revertif (address(vault.asset()) !=address(weth9)) {
revertInvalidAsset();
}
// wrap eth
@-> weth9.deposit{ value: msg.value }();
}
}
As in this scenario, vault.asset() is weth9, the contract will deposit to weth9 to convert it to weth.
Next, total assets to be send will be calculated using previewMint and again, the tokens are pulled from the user to the contract worth of assets value (marked with @-> above).
As Alice has already sent the eth, taking assets' value worth of weth again is a redundent call which results in loss of funds for Alice.
Also, there is a public function unwrapWETH9:
File: PeripheryPayments.sol
function unwrapWETH9(uint256amountMinimum, addressrecipient) publicpayable { // @audit-info Can Steal any Weth from the routeruint256 balanceWETH9 = weth9.balanceOf(address(this));
if (balanceWETH9 < amountMinimum) revertInsufficientWETH9();
if (balanceWETH9 >0) {
weth9.withdraw(balanceWETH9);
Address.sendValue(payable(recipient), balanceWETH9);
}
}
So Anyone can call this function to steal the Excess weth contract owns because of double transfer from Alice.
sherlock-admin
changed the title
Dancing Lilac Badger - User can pay double amount in Vault Router and Excess amount can be stolen
Breeje - User can pay double amount in Vault Router and Excess amount can be stolen
Oct 3, 2023
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
DuplicateA valid issue that is a duplicate of an issue with `Has Duplicates` labelHighA valid High severity issueRewardA payout will be made for this issue
Breeje
medium
User can pay double amount in Vault Router and Excess amount can be stolen
Summary
In case, the vault's asset is
weth
and user wants to pay ineth
which is accepted by the contract, user can end up forced to pay twice. Furthermore, this excess amount can be stolen by anyone.Vulnerability Detail
Same vulnerability exists in both
mint
anddeposit
functions inLMPVaultRouterBase
contract. So focusing on justmint
function for details.mint
function inLMPVaultRouterBase
contract is a publicly access function which any user can use to mint shares of any vault by depositing the base asset of that vault.Link to Code
Here's the scenario of how User can end up paying double the asset:
Assume Alice wants to
mint
shares of a vault whose underlying base asset isweth
.Alice sends the
2 ethers
while callingmint
function to get it's equivalent of shares from the vault.The contract will call
_processEthIn(vault)
to check whether the underlying asset isweth
or not.As in this scenario,
vault.asset()
isweth9
, the contract willdeposit
toweth9
to convert it toweth
.Next, total assets to be send will be calculated using
previewMint
and again, the tokens are pulled from the user to the contract worth ofassets
value (marked with @-> above).As Alice has already sent the
eth
, takingassets
' value worth ofweth
again is a redundent call which results in loss of funds for Alice.Also, there is a public function
unwrapWETH9
:So Anyone can call this function to steal the Excess
weth
contract owns because of double transfer from Alice.Impact
Loss of Funds for Users
Code Snippet
Shown Above
Tool used
Manual Review
Recommendation
Update the codebase as shown below:
Duplicate of #1
The text was updated successfully, but these errors were encountered: