DYAD - CodeWasp's results

Lines of code

https://github.com/code-423n4/2024-04-dyad/blob/cd48c684a58158de444b24854ffd8f07d046c31b/script/deploy/Deploy.V2.s.sol#L64-L65 https://github.com/code-423n4/2024-04-dyad/blob/cd48c684a58158de444b24854ffd8f07d046c31b/script/deploy/Deploy.V2.s.sol#L93-L94 https://github.com/code-423n4/2024-04-dyad/blob/cd48c684a58158de444b24854ffd8f07d046c31b/src/core/VaultManagerV2.sol#L75-L75 https://github.com/code-423n4/2024-04-dyad/blob/cd48c684a58158de444b24854ffd8f07d046c31b/src/core/VaultManagerV2.sol#L88-L88

Vulnerability details

Impact

Users can legitimately mint DYAD with collateralization of 75%, leading to loss of funds and protocol collapse.

Description

In the deployment script, Deploy.V2.s.sol, vaults ethVault and wstEth are both added to KerosineManager and added to VaultLicenser. As a result, a user can legitimately add the same vault (either ethVault or wstEth) as a standard vault via VaultManagerV2::add(), and as a Kerosene vault via VaultManagerV2::addKerosene(), because the same vault is licensed both as standard, and as Kerosene vault.

Further, collateralization is calculated in function collatRatio() using total USD value, which sums up collateral contained both in non-Kerosene and Kerosene vaults using function getTotalUsdValue():

function getTotalUsdValue(uint id) 
    public view
    returns (uint) {
      return getNonKeroseneValue(id) + getKeroseneValue(id);
  }

As it is possible to have the same vault counted twice, a user may have their collateral twice as high as the real value, and be able to mint DYAD with collateralization of 75%, thus undermining the core function of the protocol.

Severity rationalization

• Impact: High; loss of funds due to under-collateralization
• Likelihood: High; nothing to do accept to add a vault both as standard and kerosine
• Severity: High x High => High

Proof of Concept

• user calls VaultManagerV2::add() supplying ethVault as a parameter;
• user calls VaultManagerV2::addKerosene() supplying ethVault as a parameter;
• user deposits 150 Eth to ethVault;
• user is able to mint the amount of DYAD equivalent to 200 Eth, as their collateral is counted as 300 Eth.

Tools Used

Manual audit

Recommended Mitigation Steps

Make sure that the vaults licensed as non-Kerosene and as Kerosene form two non-intersecting sets.

Assessed type

Error

Lines of code

https://github.com/code-423n4/2024-04-dyad/blob/cd48c684a58158de444b24854ffd8f07d046c31b/src/core/Vault.kerosine.unbounded.sol#L65-L65

Vulnerability details

Impact

The system will become inoperable upon deployment due to underflow in Kerosine asset price calculation.

Description

UnboundedKerosineVault::assetPrice() contains the following fragment:

      uint tvl;
      address[] memory vaults = kerosineManager.getVaults();
      uint numberOfVaults = vaults.length;
      for (uint i = 0; i < numberOfVaults; i++) {
        Vault vault = Vault(vaults[i]);
        tvl += vault.asset().balanceOf(address(vault)) 
                * vault.assetPrice() * 1e18
                / (10**vault.asset().decimals()) 
                / (10**vault.oracle().decimals());
      }
      uint numerator   = tvl - dyad.totalSupply();

In the fragment above, the total value locked (tvl) is calculated over all vaults licensed with KerosineManager. As can be seen from the deployment script those are the freshly created ethVault and wstEth, which balances wrt. the corresponding assets are initially zero, while the total supply of DYAD is non-zero. As a result, any attempt to calculate assetPrice() for the UnboundedKerosineVault will underflow and revert.

This function is used in particular to calculate the USD value of particular note in a Kerosine vault via KerosineVault::getUsdValue(id), which in turn is used in VaultManagerV2::getKeroseneValue(). The latter is employed via getTotalUsdValue() in collatRatio(). This function reverting will in turn make functions mintDyad(), withdraw, and liquidate inoperable.

What's worth noticing is that the deployment uses MAINNET_DYAD address for the Dyad contract, which is already in operation on Mainnet, with 625,967.4 DYAD total supply at the time of writing.

Tools Used

Manual audit

Assessed type

Other