Closed code423n4 closed 1 year ago
The comment is misguided: having more than 18 decimals will cause reverts.
Because of that comment, I must close as invalid, as the submission doesn't meet the basic standard of the submitter understanding what they are talking about, or at least running the code.
GalloDaSballo marked the issue as unsatisfactory: Insufficient quality
Lines of code
https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/StableVault.sol#L49
https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/StableVault.sol#L67
https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/Trading.sol#L650
https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/Trading.sol#L675
Vulnerability details
Impact
In both StableVault and Trading, there is an assumption that token decimals are <= 18. However, this can break if a token's decimals are > 18, resulting in an underflow that can lead to unpredictable behavior and extreme amounts during deposits and withdrawals.
Proof of Concept
1) A token with decimals above 18 gets approved.
2) A user does a deposit() or withdraw() in one of the following:
- StableVault deposit(): https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/StableVault.sol#L49
- StableVault withdraw(): https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/StableVault.sol#L67
- Trading _handleDeposit(): https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/Trading.sol#L650
Tools Used
None
Recommended Mitigation Steps
Add checks on the decimals either during whitelisting of tokens or add reverts in the functions handling deposits and withdrawals.
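As an added illustration of the recommended mitigation, the following is a minimal hypothetical vault written for this note; it is not the Tigris StableVault or Trading code, and the contract name, storage layout and function names are assumptions. It shows the 18-decimal normalization pattern the finding refers to, with a decimals check applied at listing time and again inside the scaling helper. Under Solidity >= 0.8 checked arithmetic, `18 - decimals` with decimals > 18 reverts with a Panic rather than wrapping (the behaviour the judge's comment points out); the explicit require turns that panic into a readable revert reason and the listing-time check keeps such tokens out of the vault entirely.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical, minimal vault modelled on the pattern the finding describes.
// Not the Tigris StableVault: names and storage layout are assumptions.
interface IERC20Decimals {
    function decimals() external view returns (uint8);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
    function transfer(address to, uint256 amount) external returns (bool);
}

contract DecimalsGuardedVault {
    address public owner;
    // token => listed flag; decimals are cached at listing time so the
    // deposit/withdraw paths never re-read a value that could be out of range
    mapping(address => bool) public allowed;
    mapping(address => uint8) public cachedDecimals;
    // per-user balance kept in 18-decimal units
    mapping(address => uint256) public shares;

    constructor() {
        owner = msg.sender;
    }

    // Mitigation A: reject tokens with more than 18 decimals when they are
    // whitelisted, so deposit()/withdraw() can never reach `18 - decimals`
    // with a value that would make the subtraction revert.
    function listToken(address token) external {
        require(msg.sender == owner, "not owner");
        uint8 dec = IERC20Decimals(token).decimals();
        require(dec <= 18, "decimals > 18 unsupported");
        allowed[token] = true;
        cachedDecimals[token] = dec;
    }

    // Scale a raw token amount up to 18 decimals.
    // Mitigation B: an explicit check inside the arithmetic path. Without it,
    // dec > 18 would still revert (Panic 0x11 from checked subtraction), but
    // with no reason string and only after the transferFrom above has run.
    function toStableAmount(uint256 amount, uint8 dec) public pure returns (uint256) {
        require(dec <= 18, "decimals > 18 unsupported");
        return amount * (10 ** (18 - dec));
    }

    // Inverse scaling for withdrawals: 18-decimal shares back to token units.
    function fromStableAmount(uint256 stableAmount, uint8 dec) public pure returns (uint256) {
        require(dec <= 18, "decimals > 18 unsupported");
        return stableAmount / (10 ** (18 - dec));
    }

    function deposit(address token, uint256 amount) external {
        require(allowed[token], "token not listed");
        require(
            IERC20Decimals(token).transferFrom(msg.sender, address(this), amount),
            "transfer failed"
        );
        shares[msg.sender] += toStableAmount(amount, cachedDecimals[token]);
    }

    function withdraw(address token, uint256 stableAmount) external {
        require(allowed[token], "token not listed");
        shares[msg.sender] -= stableAmount; // checked: reverts if insufficient
        uint256 out = fromStableAmount(stableAmount, cachedDecimals[token]);
        require(IERC20Decimals(token).transfer(msg.sender, out), "transfer failed");
    }
}
```

With a 6-decimal token, toStableAmount(1_000_000, 6) returns 1e18, and fromStableAmount(1e18, 6) returns 1_000_000; calling either with dec = 19 reverts on the require before any arithmetic runs. Checking at listing time is the cheaper option, since it costs nothing on the hot deposit/withdraw paths and fails before any user funds move.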