Open code423n4 opened 2 years ago
I believe this should be informational as it is a feature to allow for users to create offers outside of the sorted list. Them then inserting
that offer into the list seems like appropriate functionality to me
The warden has referenced a past attack vector demonstrated by the legendary samczsun that exploited the exact same functions to manipulate prices, as well as OasisDex's documentation, which makes the issue a very strong case.
Have to therefore disagree that it's appropriate functionality. The functions mentioned by the warden should be removed to prevent potential integrations from being exploited the same way.
Lines of code
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/RubiconMarket.sol#L598 https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/RubiconMarket.sol#L697
Vulnerability details
Proof-of-Concept
The
offer(uint, ERC20, uint, ERC20)
andinsert(uint, unint)
should only be accessible by the keepers as per the comments. However, there is no authorisation logic or access control implemented. Therefore, anyone could call these two functions.https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/RubiconMarket.sol#L598
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/RubiconMarket.sol#L697
Impact
Following are the three offers functions that public users can use to place new orders
Per the OasisDex Documentation, which Rubicon Market based upon, the last order (
offer(uint, ERC20, uint, ERC20)
) method should not be used. Following is the extract from the documentation.offer(uint, ERC20, uint, ERC20)
andinsert(uint, unint)
should be reserved for authorized users (e.g. keepers) only, but the fact is that anyone could access.The functions
offer(uint,ERC20,uint,ERC20,uint)
andoffer(uint,ERC20,uint,ERC20,uint,bool)
will trigger the matching logic, but the functionoffer(uint,ERC20,uint,ERC20)
does not.The function
offer(uint,ERC20,uint,ERC20)
allows malicious user to manipulate the orderbook in an atomic transaction by submitting a order without it being atomically matched, and theninsert(uint,uint)
can be used in order to manually sort the order without triggering matching.These additional interfaces might potentially allow attacker to implement sophisticated techniques to compromise the protocol in the future. These two interfaces have been utilised by malicious users in the past to manipulate the orderbook, see https://samczsun.com/taking-undercollateralized-loans-for-fun-and-for-profit/ (Eth2Dai Section)
Recommended Mitigation Steps
Review if
offer(uint, ERC20, uint, ERC20)
andinsert(uint, unint)
is needed. If these function are not needed, it is recommended to remove these functions to reduce the attack surface of the protocol. If these functions are needed, implement the necessary access controls to ensure only authorised users can access.