strictly-scarce
commented
3 years ago Flash loans with the help of miners was not intended to be countered, although a check for msg.sender AND tx.origin will be applied.
Open code423n4 opened 3 years ago
strictly-scarce
commented
3 years ago Flash loans with the help of miners was not intended to be countered, although a check for msg.sender AND tx.origin will be applied.
Handle
@cmichelio
Vulnerability details
Vulnerability Details
The
flashProofmodifier is supposed to prevent flash-loan attacks by disallowing performing several sensitive functions in the same block.However, it performs this check on
tx.originand not on an individual user address basis. This only prevents flash loan attacks from happening within a single transaction.But flash loan attacks are theoretically not limited to the same transaction but to the same block as miners have full control of the block and include several vulnerable transactions back to back. (Think transaction bundles similar to flashbot bundles that most mining pools currently offer.)
A miner can deploy a proxy smart contract relaying all contract calls and call it from a different EOA each time bypassing the
tx.originrestriction.Impact
The
flashProofmodifier does not serve its purpose.Recommended Mitigation Steps
Try to apply the modifier to individual addresses that interact with the protocol instead of
tx.origin.Furthermore, attacks possible with flash loans are usually also possible for whales, making it debatable if adding flash-loan prevention logic is a good practice.