Platform: Code4rena
Start Date: 18/04/2024
Pot Size: $36,500 USDC
Total HM: 19
Participants: 183
Period: 7 days
Judge: Koolex
Id: 367
League: ETH
Rank: 176/183
Findings: 1
Award: $0.02
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: MrPotatoMagic
Also found by: 0x175, 0x486776, 0x77, 0xAkira, 0xAsen, 0xDemon, 0xabhay, 0xblack_bird, 0xlemon, 0xloscar01, 0xtankr, 3docSec, 4rdiii, Abdessamed, AlexCzm, Angry_Mustache_Man, BiasedMerc, Circolors, Cryptor, DMoore, DPS, DedOhWale, Dinesh11G, Dots, GalloDaSballo, Giorgio, Honour, Imp, Jorgect, Krace, KupiaSec, Mrxstrange, NentoR, Pechenite, PoeAudits, Ryonen, SBSecurity, Sabit, T1MOH, TheFabled, TheSavageTeddy, Tychai0s, VAD37, Vasquez, WildSniper, ZanyBonzy, adam-idarrha, alix40, asui, blutorque, btk, c0pp3rscr3w3r, caglankaan, carrotsmuggler, d_tony7470, dimulski, dinkras, djxploit, falconhoof, forgebyola, grearlake, imare, itsabinashb, josephdara, kartik_giri_47538, ke1caM, kennedy1030, koo, lionking927, ljj, niser93, pep7siup, poslednaya, ptsanev, sashik_eth, shaflow2, steadyman, turvy_fuzz, ubl4nk, valentin_s2304, web3km, xyz, y4y, zhaojohnson, zigtur
0.0234 USDC - $0.02
https://github.com/code-423n4/2024-04-dyad/blob/cd48c684a58158de444b24854ffd8f07d046c31b/src/core/VaultManagerV2.sol#L119
https://github.com/code-423n4/2024-04-dyad/blob/cd48c684a58158de444b24854ffd8f07d046c31b/src/core/VaultManagerV2.sol#L134
This vulnerability could lead to financial losses for users of the VaultManagerV2 contract, as attackers could exploit the timing of transactions to manipulate asset prices and gain profit at the expense of legitimate users.
deposit or withdraw functions of the VaultManagerV2 contract.
The VaultManagerV2 contract contains a front-running vulnerability in the VaultManagerV2::deposit and VaultManagerV2::withdraw functions, allowing attackers to manipulate transactions and potentially gain unfair advantage.
```solidity
@>  function deposit(
      uint    id,
      address vault,
      uint    amount
    )
      external
        isValidDNft(id)
    {
      idToBlockOfLastDeposit[id] = block.number;
      Vault _vault = Vault(vault);
      _vault.asset().safeTransferFrom(msg.sender, address(vault), amount);
      _vault.deposit(id, amount);
    }

    /// @inheritdoc IVaultManager
@>  function withdraw(
      uint    id,
      address vault,
      uint    amount,
      address to
    )
      public
        isDNftOwner(id)
    {
      // REMAINING CODE ....................
```
I discovered this issue in the following lines of code:
VS Code, Manual review
To mitigate this vulnerability, consider implementing mechanisms such as transaction batching, fee-based priority ordering, or cryptographic commitments to prevent front-running attacks.
Allow users to execute transactions privately and avoid the risk of being front-run by malicious actors.
MEV
#0 - c4-pre-sort
2024-04-29T08:07:23Z
JustDravee marked the issue as duplicate of #489
#1 - c4-pre-sort
2024-04-29T09:25:34Z
JustDravee marked the issue as sufficient quality report
#2 - c4-judge
2024-05-05T20:38:10Z
koolexcrypto marked the issue as unsatisfactory: Invalid
#3 - c4-judge
2024-05-05T20:50:39Z
koolexcrypto marked the issue as nullified
#4 - c4-judge
2024-05-05T20:50:42Z
koolexcrypto marked the issue as not nullified
#5 - c4-judge
2024-05-08T15:29:19Z
koolexcrypto marked the issue as duplicate of #1001
#6 - c4-judge
2024-05-11T19:44:28Z
koolexcrypto marked the issue as satisfactory