code-423n4 / 2021-12-vader-findings


Anyone Can Frontrun `VaderPoolV2.mintFungible()` To Steal Fungible Tokens #108

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

leastwood

Vulnerability details

Impact

The `mintFungible()` function is callable by any user that wishes to mint liquidity pool fungible tokens. The protocol expects a user to first approve the contract as a spender before calling `mintFungible()`. However, any arbitrary user could monitor the blockchain for contract approvals that match `VaderPoolV2.sol` and effectively frontrun their call to `mintFungible()` by setting the `to` argument to their own address. As a result, the `nativeDeposit` and `foreignDeposit` amounts are transferred from the victim, and LP tokens are minted and finally transferred to the malicious user who is represented by the `to` address.

Proof of Concept

https://github.com/code-423n4/2021-12-vader/blob/main/contracts/dex-v2/pool/VaderPoolV2.sol#L311-L362

Tools Used

Manual code review.

Recommended Mitigation Steps

Consider removing the `from` argument in `mintFungible()` and updating the `safeTransferFrom()` call to instead use `msg.sender` as the `from` argument.
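
The recommended change next to the pattern the report describes, as an added Solidity sketch that is not part of the original report and is not the VaderPoolV2 source. The contract name `PoolSketch`, the `lpBalance` accounting, the `_pull`/`_credit` helpers and the placeholder liquidity amount are assumptions, and a plain `transferFrom` with `require` stands in for `safeTransferFrom()` to keep the sketch self-contained.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.9;

// Simplified sketch for illustration; not the VaderPoolV2 implementation.
interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract PoolSketch {
    IERC20 public immutable nativeAsset;
    IERC20 public immutable foreignAsset;
    mapping(address => uint256) public lpBalance; // stand-in for the LP token

    constructor(IERC20 native_, IERC20 foreign_) {
        nativeAsset = native_;
        foreignAsset = foreign_;
    }

    // Pattern from the report: `from` is caller-supplied, so the pool spends any
    // allowance granted to it, no matter which account sends the transaction.
    function mintFungibleCallerSuppliedFrom(uint256 nativeDeposit, uint256 foreignDeposit, address from, address to)
        external returns (uint256 liquidity)
    {
        _pull(from, nativeDeposit, foreignDeposit);
        liquidity = _credit(to, nativeDeposit, foreignDeposit);
    }

    // Recommended mitigation: no `from` parameter. Deposits always come from
    // msg.sender, so an approval can only be spent by the account that gave it.
    function mintFungible(uint256 nativeDeposit, uint256 foreignDeposit, address to)
        external returns (uint256 liquidity)
    {
        _pull(msg.sender, nativeDeposit, foreignDeposit);
        liquidity = _credit(to, nativeDeposit, foreignDeposit);
    }

    function _pull(address owner, uint256 n, uint256 f) private {
        require(nativeAsset.transferFrom(owner, address(this), n), "native transfer failed");
        require(foreignAsset.transferFrom(owner, address(this), f), "foreign transfer failed");
    }

    function _credit(address to, uint256 n, uint256 f) private returns (uint256 liquidity) {
        liquidity = n + f; // placeholder amount, not Vader's liquidity formula
        lpBalance[to] += liquidity;
    }
}
```

With the second form, `to` may still differ from the caller, but the deposits backing the minted LP balance can only be pulled from the account that signed the transaction.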

jack-the-pug commented 2 years ago

Dup of #147