Platform: Code4rena
Start Date: 29/04/2022
Pot Size: $22,000 USDC
Total HM: 6
Participants: 40
Period: 3 days
Judge: Justin Goro
Total Solo HM: 2
Id: 114
League: ETH
Rank: 2/40
Findings: 2
Award: $3,642.27
🌟 Selected for report: 1
🚀 Solo Findings: 1
🌟 Selected for report: WatchPug
Also found by: 0xDjango, CertoraInc, Tadashi, berndartmueller, kebabsec, leastwood, unforgiven
The supplyTokenTo() function is executed when a yield source prize pool deposits tokens into Aave to generate yield. This contract uses an internal function called _tokenToShares() to calculate how many shares to mint on behalf of the to account. Because this contract depends on aToken.balanceOf(address(this)) to determine how many shares to mint, it is possible for a malicious user to brick a newly deployed AaveV3YieldSource.sol contract by sending a large amount of aTokens and subsequently calling supplyTokenTo() such that a single share is minted.
The exploit is detailed as the following:
1_000_000 aTokens directly to the contract before calling supplyTokenTo(1)._tokenToShares() returns _tokens when _supply == 0.1_000_001 aTokens.supplyTokenTo() with _depositAmount equal to 1_000. _tokenToShares calculates shares equal to (1_000 * 1) / 1_000_001 which truncates to zero. As a result, no-one can deposit and mint shares without depositing more than 1_000_000 tokens.Consider setting an initial amount of shares to mint to help mitigate this issue. This should limit the degree of truncation and inhibit how this issue could be abused.
#0 - PierrickGT
2022-05-03T22:56:40Z
🌟 Selected for report: leastwood
3141.4256 USDC - $3,141.43
https://github.com/aave/aave-v3-periphery/blob/master/contracts/rewards/RewardsController.sol#L190-L193 https://github.com/aave/aave-v3-periphery/blob/master/contracts/rewards/RewardsController.sol#L39-L42 https://github.com/aave/aave-v3-periphery/blob/master/contracts/rewards/RewardsController.sol#L133-L143 https://github.com/pooltogether/aave-v3-yield-source/blob/e63d1b0e396a5bce89f093630c282ca1c6627e44/contracts/AaveV3YieldSource.sol#L275-L286
The AaveV3YieldSource contract allows the manager or owner of the contract to claim rewards from Aave's rewards controller. However, there is an external dependency on this periphery Aave contract such that the emission manager of the RewardsController contract may allows other users to be authorized claimers.
Authorized claimers can claim rewards on behalf of the AaveV3YieldSource contract, effectively bypassing any restrictions put in place by this proprietary contract and its claimRewards() function. A malicious emissions manager can effectively siphon yield away from the AaveV3YieldSource contract and redirect it to them-self.
Ensure this is understood and enforce that the RewardsController contract is owner by PoolTogether's multisig.
#0 - PierrickGT
2022-05-03T23:29:22Z
Exactly, we will need to whitelist an address by calling the setClaimer function: https://github.com/aave/aave-v3-periphery/blob/ca184e5278bcbc10d28c3dbbc604041d7cfac50b/contracts/rewards/RewardsController.sol#L190
We will probably setup a contract that can claim for various yield sources.