Open code423n4 opened 2 years ago
By fixing other audit reports, we now have made sure that no value can be left in the contract via swap and bridge methods by refunding any outstanding token.
To our knowledge, the only way a user can transfer value to our contract and have it sit there is to directly send it. We highly discourage this behaviour and we internally decided that such a deliberate action is unlikely. Therefore we believe that it is not worth mitigating, as the necessary checks would increase the transaction costs for all contract calls.
Downgrading to Low/QA. Treating as warden's QA Report.
Preserving original title: ERC20 withdrawals can be frontrun
Lines of code
https://github.com/code-423n4/2022-03-lifinance/blob/699c2305fcfb6fe8862b75b26d1d8a2f46a551e6/src/Facets/GenericSwapFacet.sol#L22-L43
https://github.com/code-423n4/2022-03-lifinance/blob/699c2305fcfb6fe8862b75b26d1d8a2f46a551e6/src/Libraries/LibSwap.sol#L33-L35
Vulnerability details
Impact
Tokens sent to the contract can be retrieved by anyone, which opens up the possibility for WithdrawFacet.withdraw() to be frontrun.
When swapping ERC20 tokens, LibSwap.swap only tries to transfer tokens if the contract doesn't have enough balance to swap. As long as a market for the token exists, anyone can call GenericSwapFacet.swapTokensGeneric() to swap any token in the contract and retrieve them.
Proof of Concept
WithdrawFacet.withdraw().
GenericSwapFacet.swapTokensGeneric(), using USDC as sendingAssetId and WETH as receivingAssetId. The attacker receives free WETH.
Recommended Mitigation Steps
Consider transferring the token (sendingAssetId of the first _swapData) to the contract before executing the swaps. Return the value of toAmount in LibSwap.swap() and use it as the fromAmount value for the next swap. This way an attacker cannot utilise funds left in the contract for swapping.
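The balance-checked pull described under Impact and the mitigation recommended above, side by side in an added sketch (not code from the report or from the LI.FI repository). The contract, interface, struct and function names are all hypothetical, and it assumes ERC20 tokens that return a bool and a DEX adapter that pulls its input through an allowance.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.7;
// Added illustration, not LI.FI code. Every name here is hypothetical.
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
    function approve(address spender, uint256 amount) external returns (bool);
}

interface IDex {
    // Assumed adapter: pulls amountIn of tokenIn from the caller and sends tokenOut back.
    function swap(address tokenIn, address tokenOut, uint256 amountIn) external;
}

contract SwapSketch {
    struct Step { address dex; address tokenIn; address tokenOut; uint256 amountIn; }

    // Pattern described in the report: the pull is skipped when the contract
    // already holds enough, so a balance left in the contract funds the caller's swap.
    function swapBalanceChecked(Step calldata s) external {
        if (IERC20(s.tokenIn).balanceOf(address(this)) < s.amountIn) {
            require(IERC20(s.tokenIn).transferFrom(msg.sender, address(this), s.amountIn), "pull");
        }
        uint256 got = _exec(s, s.amountIn);
        require(IERC20(s.tokenOut).transfer(msg.sender, got), "pay");
    }

    // Recommended shape: always pull the first input from the caller, then feed
    // each later step with the previous step's measured output (its toAmount).
    function swapChained(Step[] calldata steps) external {
        require(steps.length > 0, "empty");
        uint256 amount = steps[0].amountIn;
        require(IERC20(steps[0].tokenIn).transferFrom(msg.sender, address(this), amount), "pull");
        for (uint256 i = 0; i < steps.length; i++) {
            require(i == 0 || steps[i].tokenIn == steps[i - 1].tokenOut, "chain");
            amount = _exec(steps[i], amount);
        }
        require(IERC20(steps[steps.length - 1].tokenOut).transfer(msg.sender, amount), "pay");
    }

    // Executes one step and returns its output as a balance delta, so tokens
    // that were already sitting in the contract are never counted or paid out.
    function _exec(Step calldata s, uint256 amountIn) private returns (uint256) {
        uint256 beforeBal = IERC20(s.tokenOut).balanceOf(address(this));
        require(IERC20(s.tokenIn).approve(s.dex, amountIn), "approve");
        IDex(s.dex).swap(s.tokenIn, s.tokenOut, amountIn);
        return IERC20(s.tokenOut).balanceOf(address(this)) - beforeBal;
    }
}
```

In `swapChained` the caller's own tokens are the only input to the first step, and the `amountIn` field of later steps is ignored in favour of the measured output, so a pre-existing balance never enters the swap path.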