Closed code423n4 closed 1 year ago
Admin can always call setMintLimit() to update the limit if amount is deemed insufficient in long term. This is more of a design decision.
trust1995 marked the issue as unsatisfactory: Invalid
ypatil12 marked the issue as sponsor disputed
Lines of code
https://github.com/code-423n4/2023-01-ondo/blob/main/contracts/cash/CashManager.sol#L596 https://github.com/code-423n4/2023-01-ondo/blob/main/contracts/cash/CashManager.sol#L609 https://github.com/code-423n4/2023-01-ondo/blob/main/contracts/cash/CashManager.sol#L212 https://github.com/code-423n4/2023-01-ondo/blob/main/contracts/cash/CashManager.sol#L626 https://github.com/code-423n4/2023-01-ondo/blob/main/contracts/cash/CashManager.sol#L676 https://github.com/code-423n4/2023-01-ondo/blob/main/contracts/cash/CashManager.sol#L641
Vulnerability details
Impact
Due to the missing validation of
mintLimit
andredeemLimit
this might result in unreasonably low limits, leading to a DoS of therequestMint
andrequestRedemption
function. One user can simply call these functions with the upper limit, resulting in a DoS for all other users.Proof of Concept
1) Admin sets
mintLimit
to1_000_000e6
tokens. 2) Bob callsrequestMint
with1_000_000e6
+ the fee cost 3) Nobody can participate in the current epoch anymore.The same issue applies for
requestRedemption
Tools Used
VSCode
Recommended Mitigation Steps
Consider applying reasonable lower bounds to
setMintLimit
andsetRedeemLimit
*We do not see this as a centralization issue, this might be more the result of a thoughtless edge-case.