A flashloan can be used to give a user the maximum stake power of StakeLevel.PLATINUM for a transaction
Based on Infinity exchange V1 (out of scope of this contest), the staking level is used to get the fee tier level for a user. It might be used for a different purpose in the future, like an airdrop, as only a view function is implemented now.
Impact
The dev should be aware of potential future harm, as any user can become a platinum user for a single transaction by using a flashloan from Uniswap.
Depending on the purpose of the StakeLevel implementation, the current impact is not known.
POC
User flashloans 20_000e18 INFINITY_TOKEN from Uniswap.
Recommended Mitigation Steps
Any implementation that uses stake power should check that the timestamp of Duration.NONE is not the same as the current block, to prevent any user from using a flashloan for unpredicted use of Platinum, like no-fee trading or an airdrop, if ever used.
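One way to express the recommended check, as an added example that is not part of the original report and is not code from InfinityStaker.sol. Only `StakeLevel` and `Duration.NONE` come from the finding; the contract, its functions, the two-level enum and the threshold value are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Added illustration, not InfinityStaker.sol. Only StakeLevel and Duration.NONE are
// names from the finding; every other identifier and the threshold are assumptions.
contract GuardedStakerExample {
    enum Duration { NONE }
    enum StakeLevel { NONE, PLATINUM }
    struct StakeAmount { uint256 amount; uint256 timestamp; }

    uint256 public constant PLATINUM_THRESHOLD = 20_000e18; // constructed value
    IERC20 public immutable token;
    mapping(address => mapping(Duration => StakeAmount)) public stakes;

    constructor(IERC20 _token) { token = _token; }

    function stake(uint256 amount) external {
        StakeAmount storage s = stakes[msg.sender][Duration.NONE];
        s.amount += amount;
        s.timestamp = block.timestamp; // records the block of the latest deposit
        require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
    }

    function unstake(uint256 amount) external {
        stakes[msg.sender][Duration.NONE].amount -= amount; // reverts on underflow
        require(token.transfer(msg.sender, amount), "transfer failed");
    }

    // Raw level: true for any balance, including one deposited earlier in this transaction.
    function rawStakeLevel(address user) public view returns (StakeLevel) {
        return stakes[user][Duration.NONE].amount >= PLATINUM_THRESHOLD
            ? StakeLevel.PLATINUM : StakeLevel.NONE;
    }

    // Level that fee or airdrop logic should consume: a Duration.NONE stake whose
    // timestamp equals the current block's is ignored, so it must survive at least one block.
    function effectiveStakeLevel(address user) external view returns (StakeLevel) {
        if (stakes[user][Duration.NONE].timestamp == block.timestamp) return StakeLevel.NONE;
        return rawStakeLevel(user);
    }
}
```

A staker who tops up an older unlocked stake also reads as `StakeLevel.NONE` until the next block, because this sketch keeps a single timestamp per user; consumers that need finer behaviour would have to track deposits separately.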
Without more details about the intended governance mechanism, it's hard to judge the severity for this. Lowering risk and merging with the warden's QA report #270
Lines of code
https://github.com/code-423n4/2022-06-infinity/blob/601e0e5498587f5b1ae33f345223c86526ae9ce1/contracts/staking/InfinityStaker.sol#L210-L224