Platform: Code4rena
Start Date: 07/09/2022
Pot Size: $20,000 CANTO
Total HM: 7
Participants: 65
Period: 1 day
Judge: 0xean
Total Solo HM: 3
Id: 159
League: ETH
Rank: 60/65
Findings: 1
Award: $39.22
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: lukris02
Also found by: 0x040, 0x1f8b, 0x52, 0xA5DF, 0xNazgul, 0xSky, Bnke0x0, Bronicle, CertoraInc, Chom, CodingNameKiki, Deivitto, Diraco, Dravee, EthLedger, IgnacioB, JC, JansenC, Jeiwan, R2, RaymondFam, ReyAdmirado, Rolezn, SinceJuly, TomJ, Tomo, Yiko, a12jmx, ajtra, ak1, codexploder, cryptphi, csanuragjain, erictee, fatherOfBlocks, gogo, hake, hansfriese, hickuphh3, ignacio, ontofractal, oyc_109, p_crypt0, pashov, peritoflores, rajatbeladiya, rbserver, rokinot, rvierdiiev, tnevler
242.8216 CANTO - $39.22
https://github.com/code-423n4/2022-09-canto/blob/65fbb8b9de22cf8f8f3d742b38b4be41ee35c468/src/Swap/BaseV1-periphery.sol#L531 https://github.com/code-423n4/2022-09-canto/blob/65fbb8b9de22cf8f8f3d742b38b4be41ee35c468/src/Swap/BaseV1-periphery.sol#L543 https://github.com/code-423n4/2022-09-canto/blob/65fbb8b9de22cf8f8f3d742b38b4be41ee35c468/src/Swap/BaseV1-periphery.sol#L520 https://github.com/code-423n4/2022-09-canto/blob/65fbb8b9de22cf8f8f3d742b38b4be41ee35c468/src/Swap/BaseV1-periphery.sol#L517
As Canto currently lacks advanced blockchain explorer capabilities with reliable code verification (incl. libraries) an advanced, well funded adversary could create, promote and persuade to include a malicious token with modifiable decimals state variable. Modification of decimals state variable will lead to a error in oracle price computation, user position liquidation and asset pool draining if the malicious asset is not a collateral. If the malicious asset is enabled as a collateral, depending on the amounts of assets supplied, a significant to total draining of user funds pools may be possible.
Add the following function to the WETH.sol smart contract:
function setDecimals(uint8 decimals_) public { _decimals = decimals_; }
Add the following lines to the Deployer swaps 10 times to cement observations in the pair oracle test
await (await weth.setDecimals(32)).wait() await (await weth.setDecimals(1)).wait() let actualPrice = (await router.getUnderlyingPrice(cCanto.address)).toBigInt() // sample does not factor most recent observation into account let expected = avg(pricesCanto, 1) // observations lag behind console.log("actualPrice: ", actualPrice) console.log("expected price: ", expected) // expect less than 0.1% difference in price (actual Price is TWAP) expected calculation does not weight by time expect(diff(actualPrice, expected) == BigInt(0)).to.be.true
vscode
Use BaseV1Pair
uint internal immutable decimals0; uint internal immutable decimals1;
instead.
#0 - nivasan1
2022-09-09T19:24:36Z
Notice, that attack of this scale would require the user to over-ride quorum in the network, as this token would need to be supported by the Comptroller. In this case, the user would need to co-ordinate an attack amongst majority stake-holders in the network, or control a majority stake in the network.
#1 - 0xean
2022-09-12T15:27:47Z
I am going to downgrade to QA. This has so many external requirements to become feasible that it's very hard to award it as medium severity.