Canto - Lirios's results

A layer-1 EVM powered by free public infrastructure.

General Information

Platform: Code4rena

Start Date: 20/06/2023

Pot Size: $36,500 USDC

Total HM: 2

Participants: 23

Period: 3 days

Judge: 0xean

Id: 252

League: ETH

Findings Distribution

Researcher Performance

Rank: 5/23

Findings: 1

Award: $3,388.28

🌟 Selected for report: 0

🚀 Solo Findings: 0

Findings Information

🌟 Selected for report: sces60107

Also found by: 3docSec, Franfran, Lirios, Team_FliBit, dontonka

Labels

bug
3 (High Risk)
satisfactory
upgraded by judge
duplicate-36

Awards

3388.2784 USDC - $3,388.28

External Links

Lines of code

https://github.com/code-423n4/2023-06-canto/blob/a4ff2fd2e67e77e36528fad99f9d88149a5e8532/Canto/x/coinswap/keeper/swap.go#L102

Vulnerability details

Impact

On onboarding, part of the received tokens is swapped for 4 canto. To partially protect users, a maximum amount of tokens to be used for the swap is set. According to the documentation:

For risk management purposes, a swap will fail if the input coin amount exceeds a pre-defined limit (10 USDC, 10 USDT, 0.01 ETH) or if the swap amount limit is not defined.

For this swap, it uses the coinswap module. The maximum values there are defined as

		// Maximum input amounts for the onboarding swap, in each denom's base unit
		sdk.NewCoin(UsdcIBCDenom, sdk.NewIntWithDecimal(10, 6)), // 10 * 10^6 = 10 USDC (6 decimals)
		sdk.NewCoin(UsdtIBCDenom, sdk.NewIntWithDecimal(10, 6)), // 10 * 10^6 = 10 USDT (6 decimals)
		sdk.NewCoin(EthIBCDenom, sdk.NewIntWithDecimal(1, 17)),  // 1 * 10^17 wei = 0.1 ETH, not the documented 0.01 ETH

Here the EthIBCDenom value is 1e17 wei, which is 0.1 ETH instead of the intended 0.01 ETH (1e16 wei). This means the intended protection is off by a factor of 10.

Set the maxSwapAmount for EthIBCDenom to sdk.NewCoin(EthIBCDenom, sdk.NewIntWithDecimal(1, 16)) to represent the correct value of 0.01 ETH.
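The decimal mismatch above is easy to miss by eye because 1e16 and 1e17 look alike in source. The following is an added example (not Canto's code and not from the Cosmos SDK): it re-implements the n * 10^dec semantics of sdk.NewIntWithDecimal with math/big under the hypothetical name newIntWithDecimal, and then checks each configured base-unit limit against the human-readable limit the documentation promises, reporting the factor by which they differ. The denom names are reused from the finding as placeholders (the real values are IBC denom hashes), and the exponents assumed are 6 for USDC/USDT and 18 for ETH (wei).

```go
package main

import (
	"fmt"
	"math/big"
)

// newIntWithDecimal mirrors the semantics of sdk.NewIntWithDecimal(n, dec):
// it returns n * 10^dec. Hypothetical stand-in so the example runs without the SDK.
func newIntWithDecimal(n int64, dec int) *big.Int {
	scale := new(big.Int).Exp(big.NewInt(10), big.NewInt(int64(dec)), nil)
	return new(big.Int).Mul(big.NewInt(n), scale)
}

// swapLimit pairs a configured base-unit limit with the human-readable limit
// the documentation states and the denom's base-unit exponent.
type swapLimit struct {
	Denom         string
	Decimals      int      // exponent of the base unit (assumed: 6 for USDC/USDT, 18 for ETH)
	Configured    *big.Int // value as written in the module's maxSwapAmount list
	DocumentedAmt string   // human-readable limit from the docs, e.g. "0.01"
}

// expectedBaseUnits converts a decimal string such as "0.01" into base units
// for a denom with the given exponent, using exact rational arithmetic.
func expectedBaseUnits(amount string, decimals int) (*big.Int, error) {
	r, ok := new(big.Rat).SetString(amount)
	if !ok {
		return nil, fmt.Errorf("bad amount %q", amount)
	}
	r.Mul(r, new(big.Rat).SetInt(newIntWithDecimal(1, decimals)))
	if !r.IsInt() {
		return nil, fmt.Errorf("%s needs more than %d decimals", amount, decimals)
	}
	return new(big.Int).Set(r.Num()), nil
}

// checkLimit returns configured/expected as a ratio and whether it equals 1.
// Any other ratio is the factor by which the constant is mis-scaled.
func checkLimit(l swapLimit) (*big.Rat, bool, error) {
	want, err := expectedBaseUnits(l.DocumentedAmt, l.Decimals)
	if err != nil {
		return nil, false, err
	}
	ratio := new(big.Rat).SetFrac(l.Configured, want)
	return ratio, ratio.Cmp(big.NewRat(1, 1)) == 0, nil
}

// cantoLimits reproduces the three constants from the finding next to the
// documented limits (10 USDC, 10 USDT, 0.01 ETH). Constructed sample data.
func cantoLimits() []swapLimit {
	return []swapLimit{
		{"UsdcIBCDenom", 6, newIntWithDecimal(10, 6), "10"},
		{"UsdtIBCDenom", 6, newIntWithDecimal(10, 6), "10"},
		{"EthIBCDenom", 18, newIntWithDecimal(1, 17), "0.01"}, // as shipped: 0.1 ETH
	}
}

func main() {
	for _, l := range cantoLimits() {
		ratio, ok, err := checkLimit(l)
		switch {
		case err != nil:
			fmt.Printf("%-13s ERROR %v\n", l.Denom, err)
		case ok:
			fmt.Printf("%-13s OK    configured=%s\n", l.Denom, l.Configured)
		default:
			fmt.Printf("%-13s BAD   configured=%s is %sx the documented %s\n",
				l.Denom, l.Configured, ratio.RatString(), l.DocumentedAmt)
		}
	}
}
```

Running it flags only EthIBCDenom, with a ratio of 10; substituting newIntWithDecimal(1, 16) for that entry makes all three limits pass. Keeping the documented human-readable limits next to the base-unit constants, and asserting the two agree in a unit test, is the check that would have caught this before deployment.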

Assessed type

Decimal

#0 - c4-pre-sort

2023-06-24T11:59:34Z

JeffCX marked the issue as primary issue

#1 - c4-pre-sort

2023-06-24T12:13:07Z

JeffCX marked the issue as duplicate of #8

#2 - c4-judge

2023-07-03T20:49:59Z

0xean marked the issue as satisfactory

#3 - c4-judge

2023-07-03T20:50:20Z

0xean changed the severity to 3 (High Risk)
