Platform: Code4rena
Start Date: 21/08/2023
Pot Size: $125,000 USDC
Total HM: 26
Participants: 189
Period: 16 days
Judge: GalloDaSballo
Total Solo HM: 3
Id: 278
League: ETH
Rank: 144/189
Findings: 1
Award: $8.66
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: said
Also found by: 0Kage, 0xCiphky, 0xkazim, 836541, AkshaySrivastav, Evo, HChang26, HHK, KrisApostolov, Neon2835, QiuhaoLi, Tendency, Toshii, bart1e, bin2chen, carrotsmuggler, chaduke, etherhood, gjaldon, glcanvas, josephdara, lanrebayode77, mahdikarimi, max10afternoon, nobody2018, peakbolt, qpzm, rvierdiiev, sces60107, tapir, ubermensch, volodya
8.6565 USDC - $8.66
Anyone can deposit and withdraw in same transaction stealing funding payment prior without providing collateral
In the deposit function, after the calculation of shares, perpetualAtlanticVault.updateFunding(); is called, which in turn transfers the funding amount to the vault, and when the user redeems, this value will be used in determining his share, which will as a result be more than what he deposited initially, leading to stealing of yield from all other users who deposited before.
VSCode
perpetualAtlanticVault.updateFunding();
require((shares = previewDeposit(assets)) != 0, "ZERO_SHARES");
Make the call to updateFunding before previewDeposit.
Other
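The ordering issue described in the submission above, as an added Python model that is not part of the original report or the audited contracts. It assumes a simplified single-asset share vault in which `pending_funding` (a hypothetical name) stands in for the amount `updateFunding` transfers, uses constructed amounts, and compares pricing shares before the funding transfer with pricing them after it.

```python
from dataclasses import dataclass


@dataclass
class VaultModel:
    """Simplified single-asset share vault (hypothetical model, not the audited contract)."""
    funding_first: bool        # True = updateFunding runs before previewDeposit
    total_assets: int = 0      # collateral held by the vault
    total_supply: int = 0      # shares outstanding
    pending_funding: int = 0   # hypothetical: funding accrued but not yet transferred

    def update_funding(self) -> None:
        # Stand-in for updateFunding(): moves accrued funding into the vault.
        self.total_assets += self.pending_funding
        self.pending_funding = 0

    def preview_deposit(self, assets: int) -> int:
        if self.total_supply == 0:
            return assets
        return assets * self.total_supply // self.total_assets

    def deposit(self, assets: int) -> int:
        if self.funding_first:
            self.update_funding()
        shares = self.preview_deposit(assets)
        if shares == 0:
            raise ValueError("ZERO_SHARES")
        if not self.funding_first:
            self.update_funding()   # order reported in the finding
        self.total_assets += assets
        self.total_supply += shares
        return shares

    def redeem(self, shares: int) -> int:
        assets = shares * self.total_assets // self.total_supply
        self.total_assets -= assets
        self.total_supply -= shares
        return assets


def round_trip(funding_first: bool) -> tuple[int, int]:
    """Return (late depositor's net gain, assets left backing the earlier depositor)."""
    vault = VaultModel(funding_first=funding_first)
    vault.deposit(1_000)             # earlier depositor (constructed amounts)
    vault.pending_funding = 100      # funding accrues before the next deposit
    shares = vault.deposit(1_000)    # late depositor enters ...
    received = vault.redeem(shares)  # ... and exits immediately
    return received - 1_000, vault.total_assets
```

With shares priced before the transfer, the late depositor leaves with half of the 100 units of funding; with the transfer first, the earlier depositor keeps all of it, and the late depositor only loses a unit to rounding.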
#0 - c4-pre-sort
2023-09-07T13:39:24Z
bytes032 marked the issue as duplicate of #1948
#1 - c4-pre-sort
2023-09-07T13:42:31Z
bytes032 marked the issue as duplicate of #867
#2 - c4-pre-sort
2023-09-11T09:05:25Z
bytes032 marked the issue as sufficient quality report
#3 - c4-pre-sort
2023-09-11T09:05:33Z
bytes032 marked the issue as low quality report
#4 - c4-pre-sort
2023-09-14T07:10:59Z
bytes032 marked the issue as sufficient quality report
#5 - c4-judge
2023-10-20T19:23:20Z
GalloDaSballo marked the issue as partial-50