Platform: Code4rena
Start Date: 15/12/2022
Pot Size: $128,000 USDC
Total HM: 28
Participants: 111
Period: 19 days
Judge: GalloDaSballo
Total Solo HM: 1
Id: 194
League: ETH
Rank: 103/111
Findings: 1
Award: $14.91
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: 0xdeadbeef0x
Also found by: 0xLad, 0xNazgul, 0xSmartContract, 0xbepresent, Arbor-Finance, Breeje, HE1M, IllIllI, Qeew, Rolezn, SEVEN, SamGMK, SmartSek, TomJ, WatchDogs, ak1, btk, ck, datapunk, dic0de, eierina, fs0c, hansfriese, koxuan, ladboy233, peanuts, rvierdiiev, sces60107, tonisives, unforgiven, yongskiws
14.9051 USDC - $14.91
A bad actor can exploit the Vault by depositing a small amount of asset tokens (1 wei) and receiving 1 wei of share tokens. The attacker then transfers a large amount of asset tokens (10000e18 - 1) directly to the Vault, which inflates the price per share from 1 to 1e22 (10000e18 assets backing a single share). A later user who deposits 19999e18 is minted only 1 wei of shares, because 19999e18 / 10000e18 rounds down to 1, so the 9999e18 above one share's price are not credited to them. On redemption that single share is worth half of the 29999e18 now held by the Vault, i.e. 14999.5e18, so the user loses 4999.5e18 (about a quarter of the deposit) and the attacker's share gains exactly that amount.
Manual Code Review
To fix this, it is recommended to require a minimum amount of share tokens to be minted for the first minter and to set aside a portion of the initial mints as a permanent reserve to make the price per share more resistant to manipulation.
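The following is an added example, not code from the submission or from the audited project: a minimal integer model of vault share accounting that replays the numbers above against a naive vault and against the recommended mitigation (a minimum first mint with part of it locked as a permanent reserve). The Vault and HardenedVault classes, the reserve size MIN_SHARES = 1000 and the dead address are assumptions chosen for illustration; integer floor division stands in for Solidity arithmetic.

```python
E18 = 10**18


class Vault:
    """Naive ERC-4626-style accounting: 1:1 when empty, pro-rata afterwards.
    Floor division mirrors Solidity; no virtual offset, no minimum mint."""

    def __init__(self):
        self.total_assets = 0
        self.total_shares = 0
        self.balances = {}

    def to_shares(self, assets):
        if self.total_shares == 0:
            return assets
        return assets * self.total_shares // self.total_assets

    def to_assets(self, shares):
        if self.total_shares == 0:
            return shares
        return shares * self.total_assets // self.total_shares

    def deposit(self, who, assets):
        minted = self.to_shares(assets)
        self.total_assets += assets
        self.total_shares += minted
        self.balances[who] = self.balances.get(who, 0) + minted
        return minted

    def donate(self, assets):
        # Plain ERC-20 transfer into the vault: totalAssets rises, no shares minted.
        self.total_assets += assets

    def redeem(self, who, shares):
        if self.balances.get(who, 0) < shares:
            raise ValueError("insufficient shares")
        out = self.to_assets(shares)
        self.balances[who] -= shares
        self.total_shares -= shares
        self.total_assets -= out
        return out


class HardenedVault(Vault):
    """Mitigation from the finding: the first deposit must mint more than
    MIN_SHARES, and MIN_SHARES of it are locked in a dead address forever,
    so totalShares can never be driven back down to 1 (assumed design)."""

    MIN_SHARES = 1000  # assumed reserve size (Uniswap V2 uses the same constant)
    DEAD = "0x000000000000000000000000000000000000dEaD"  # assumed sink address

    def deposit(self, who, assets):
        if self.total_shares != 0:
            return super().deposit(who, assets)
        minted = self.to_shares(assets)
        if minted <= self.MIN_SHARES:
            raise ValueError("first deposit must mint more than MIN_SHARES")
        self.total_assets += assets
        self.total_shares += minted
        self.balances[self.DEAD] = self.MIN_SHARES   # permanently unredeemable
        self.balances[who] = minted - self.MIN_SHARES
        return minted - self.MIN_SHARES


def run_attack(vault, first_deposit):
    """Replay the scenario from the finding against `vault` (constructed input).

    The attacker makes a tiny first deposit, then donates enough to bring
    totalAssets to exactly 10000e18. A victim deposits 19999e18 and redeems
    everything; the attacker then redeems too. Returns wei amounts.
    """
    attacker_shares = vault.deposit("attacker", first_deposit)
    donation = 10000 * E18 - first_deposit
    vault.donate(donation)
    victim_deposit = 19999 * E18
    victim_shares = vault.deposit("victim", victim_deposit)
    victim_out = vault.redeem("victim", victim_shares)
    attacker_out = vault.redeem("attacker", attacker_shares)
    return {
        "victim_shares": victim_shares,
        "victim_loss": victim_deposit - victim_out,
        "attacker_net": attacker_out - (first_deposit + donation),
    }


def first_deposit_rejected(vault, assets):
    """True if `vault` refuses `assets` as its very first deposit."""
    try:
        vault.deposit("attacker", assets)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("naive   :", run_attack(Vault(), first_deposit=1))
    print("hardened:", run_attack(HardenedVault(), first_deposit=HardenedVault.MIN_SHARES + 1))
```

Against the naive vault the victim is minted 1 share and loses 4999.5e18, which is exactly the attacker's profit. Against the hardened vault the attacker's seed deposit must be at least 1001 wei, the reserve keeps 1000 shares in circulation, the victim is minted 2001 shares and loses only a few wei-scale rounding units, and the attacker's donation is almost entirely captured by the dead shares, so the attack is no longer profitable.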
#0 - c4-judge
2023-01-08T13:12:12Z
GalloDaSballo marked the issue as duplicate of #209
#1 - c4-judge
2023-01-29T18:38:54Z
GalloDaSballo changed the severity to 3 (High Risk)
#2 - c4-judge
2023-02-08T08:50:53Z
GalloDaSballo marked the issue as satisfactory