InsureDAO contest - danb's results

Anyone can create an insurance pool like Uniswap.

General Information

Platform: Code4rena

Start Date: 07/01/2022

Pot Size: $80,000 USDC

Total HM: 21

Participants: 37

Period: 7 days

Judge: 0xean

Total Solo HM: 14

Id: 71

League: ETH

InsureDAO

Findings Distribution

Researcher Performance

Rank: 3/37

Findings: 7

Award: $5,356.01

🌟 Selected for report: 1

🚀 Solo Findings: 2

Findings Information

🌟 Selected for report: danb

Labels

bug
3 (High Risk)
disagree with severity
sponsor acknowledged

Awards

3799.5139 INSURE - $1,329.83

2306.8477 USDC - $2,306.85

External Links

Handle

danb

Vulnerability details

https://github.com/code-423n4/2022-01-insure/blob/main/contracts/PoolTemplate.sol#L807

If there is no liquidity in the pool, the first deposit determines the total liquidity. If the amount is too small, the minted liquidity for the next liquidity providers will round down to zero.

Impact

An attacker can steal all money from liquidity providers.

Proof of Concept

Consider the following scenario: a pool is created. The attacker is the first one to deposit; they deposit with _amount == 1, the smallest amount possible, meaning the total liquidity is 1. Then they join another pool in order to get attributions in the vault. They transfer the attributions to the pool using transferAttribution; for example, they transferred 1M dollar worth of attributions. The next person deposits in the index, for example, 500,000 dollars.

https://github.com/code-423n4/2022-01-insure/blob/main/contracts/PoolTemplate.sol#L803

The amount they will get is:

_amount = (_value * _supply) / _originalLiquidity;

As we know:

_amount = 500,000 dollar
_supply = 1
_totalLiquidity = 1,000,000 dollar (the attacker transferred directly)

The investor will get (500,000 dollar * 1) / (1,000,000 dollar) = 0, and they will pay 500,000. This money will go to the index, and the attacker holds all of the shares, so they can withdraw it and get 1,500,000, stealing 500,000 dollars from the second investor.

Tools Used

manual review
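
The rounding in the proof of concept above, worked through in a simplified integer model with a caller-supplied minimum-shares check as one possible guard (an added example, not part of danb's submission or of the InsureDAO contracts). The `Pool` class, `donate`, `min_shares` and the whole-dollar units are assumptions made for illustration; `donate` stands in for the transferAttribution step.

```python
# Simplified model of proportional share minting; not the PoolTemplate code.
# Amounts are whole dollars (constructed); // rounds down like Solidity division.

class Pool:
    def __init__(self):
        self.liquidity = 0   # value backing the shares
        self.supply = 0      # total shares minted
        self.shares = {}     # holder -> shares

    def deposit(self, who, value, min_shares=0):
        """Mint shares for `value`; reject if fewer than `min_shares` would be minted."""
        if self.supply == 0:
            minted = value                      # first deposit sets the share price
        else:
            minted = (value * self.supply) // self.liquidity
        if minted < min_shares:
            raise ValueError("deposit would mint %d shares" % minted)
        self.liquidity += value
        self.supply += minted
        self.shares[who] = self.shares.get(who, 0) + minted
        return minted

    def donate(self, value):
        """Credit value to the pool without minting shares (hypothetical stand-in
        for the transferAttribution step in the proof of concept)."""
        self.liquidity += value

    def redeemable(self, who):
        """Value a holder's shares can be withdrawn for."""
        if self.supply == 0:
            return 0
        return self.shares.get(who, 0) * self.liquidity // self.supply


def scenario(min_shares):
    """Replay the PoC figures; return (shares minted to second, first's claim, second's claim)."""
    pool = Pool()
    pool.deposit("first", 1)            # smallest possible first deposit
    pool.donate(1_000_000)              # liquidity is now 1,000,001 against 1 share
    try:
        minted = pool.deposit("second", 500_000, min_shares)
    except ValueError:
        minted = None                   # deposit rejected, no funds taken
    return minted, pool.redeemable("first"), pool.redeemable("second")


if __name__ == "__main__":
    print(scenario(min_shares=0))   # unguarded deposit
    print(scenario(min_shares=1))   # guarded deposit
```

The check only rejects deposits that would mint fewer shares than the caller asked for; rounding loss on larger deposits still depends on how far the share price has been inflated.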

#0 - oishun1112

2022-01-20T08:21:15Z

Yes. Every address that has attributions can call transferAttribution(); however, the address has to call addValue() to earn attributions. addValue() has the onlyMarket modifier. In short, to pass the onlyMarket modifier, ownership has to be stolen.

#1 - oishun1112

2022-01-20T08:22:03Z

Since we assume ownership control is driven safely, we don't take this as an issue.

#2 - 0xean

2022-01-27T15:24:46Z

Agree with warden that the privileged addresses should not be able to use approvals in a way that rugs users' funds.

Based on the fact that we have seen many rug pulls in the space based on compromised "owner" keys, this is a valid attack path.

3 — High: Assets can be stolen/lost/compromised directly (or indirectly if there is a valid attack path that does not have hand-wavy hypotheticals).

Findings Information

🌟 Selected for report: WatchPug

Also found by: danb

Labels

bug
duplicate
3 (High Risk)

Awards

1709.7813 INSURE - $598.42

1038.0815 USDC - $1,038.08

External Links

Handle

danb

Vulnerability details

https://github.com/code-423n4/2022-01-insure/blob/main/contracts/PoolTemplate.sol#L709

_redeemAmount should be _deductionFromIndex multiplied by _shareOfIndex, not divided. This would lead to a wrong distribution of payments.

Findings Information

🌟 Selected for report: Dravee

Also found by: Fitraldys, Ruhum, WatchPug, danb, egjlmn1, robee

Labels

bug
duplicate
2 (Med Risk)
sponsor disputed

Awards

86.5379 INSURE - $30.29

52.5409 USDC - $52.54

External Links

Handle

danb

Vulnerability details

https://github.com/code-423n4/2022-01-insure/blob/main/contracts/PoolTemplate.sol#L671

https://github.com/code-423n4/2022-01-insure/blob/main/contracts/PoolTemplate.sol#L703

The functions applyCover and resume iterate over an unbounded array. Anyone can create an index and add it to the pool; therefore it is possible to add many indexes and prevent any call to applyCover and resume because of passing the gas limit.

#0 - oishun1112

2022-01-13T05:49:31Z

Only the single pool can be created permissionlessly. An index can be created via governance.

#1 - 0xean

2022-01-27T21:15:51Z

dupe of #352
