Vault: Swaps at parity with swap fee = withdrawal fee

[code423n4]

Handle

hickuphh3

Vulnerability details

Impact

The vault treats all assets to be of the same price. Given that one can also deposit and withdraw in the same transaction, this offers users the ability to swap available funds held in the vault at parity, with the withdrawal protection fee (0.1%) effectively being the swap fee.

Due care and consideration should therefore be placed if new stablecoins are to be added to the vault (eg. algorithmic ones that tend to occasionally be off-peg), or when lowering the withdrawal protection fee.

Recommended Mitigation Steps

• Prevent users from depositing and withdrawing in the same transaction. This would help prevent potential flash loan attacks as well
• setWithdrawalProtectionFee() could have a requirement for the value to be non-zero. Zero withdrawal fee could be set in setHalted() whereby only withdrawals will be allowed.
• Use price oracles to accurately calculate the shares to be transferred to users for deposits, or token amounts to be sent for withdrawals

[GainsGoblin]

Duplicate of #2

[GalloDaSballo]

Agree with finding, this vault accounting can be used for arbitrage opportunities as tokens are treated at exact value while they may have imbalances in price

This is not a duplicate as it's explaining a specific attack vector

[GalloDaSballo]

Also raising risk valuation as this WILL be used to extract value from the system