search

code-423n4 / 2021-09-yaxis-findings

0 stars 0 forks source link

Max approvals are risky if contract is malicious/compromised #64

Open code423n4 opened 3 years ago

code423n4 commented 3 years ago

Handle

0xRajeev

Vulnerability details

Impact


Maximum approvals are widely considered as unsafe if the approved contract becomes compromised/malicious.

Proof of Concept

https://github.com/code-423n4/2021-09-yaxis/blob/cf7d9448e70b5c1163a1773adb4709d9d6ad6c99/contracts/v3/strategies/BaseStrategy.sol#L103

https://github.com/code-423n4/2021-09-yaxis/blob/cf7d9448e70b5c1163a1773adb4709d9d6ad6c99/contracts/v3/controllers/LegacyController.sol#L211

https://github.com/code-423n4/2021-09-yaxis/blob/cf7d9448e70b5c1163a1773adb4709d9d6ad6c99/contracts/v3/converters/StablesConverter.sol#L53-L56

https://github.com/code-423n4/2021-09-yaxis/blob/cf7d9448e70b5c1163a1773adb4709d9d6ad6c99/contracts/v3/strategies/NativeStrategyCurve3Crv.sol#L48-L53

Tools Used

Manual Analysis

Recommended Mitigation Steps

Where possible, consider approving as needed for the amounts required as done in VaultHelper.

GalloDaSballo commented 3 years ago

Agree with finding, sponsor mitigated