Closed code423n4 closed 1 year ago
trust1995 marked the issue as primary issue
trust1995 marked the issue as unsatisfactory: Invalid
collateral is USDC, so should not be susceptible to the attack.
You will have to kill me before we let any ERC-20-like token with hooks be used as collateral w/n cashManager.
Lines of code
https://github.com/code-423n4/2023-01-ondo/blob/f3426e5b6b4561e09460b2e6471eb694efdd6c70/contracts/cash/CashManager.sol#L707
Vulnerability details
Impact
Function completeRedemptions() is used by the admin account to distribute collateral to users and also to refund redemption requests if the redemption cannot be serviced.
Redeemers will receive funds from assetSender in an air-drop manner. If the collateral token is an ERC777-like token with a callback to the receiver, redeemers can reject receiving the collateral token back, making the whole function completeRedemptions() fail.
In addition, function completeRedemptions() is usually called with a large number of redeemers and refundees at once, so the gas cost is extremely high. If the attacker is at the end of the list and he rejects the transfer, it will cost the admin a lot of money in gas.
Proof of Concept
Consider the scenario where the collateral token is a token with a hook to the receiver.
In completeRedemptions(), after transferring to 999 redeemers, the 1000th is a contract that rejects receiving the collateral back.
Obviously, the admin can easily punish the attacker by removing him from the next call (i.e., only call with the first 999 redeemers). However, since the attacker's loss is so small, he can create a lot of accounts and it will be really difficult for the admin to eliminate all of them at once.
Tools Used
Manual Review
Recommended Mitigation Steps
Consider applying the Pull over Push pattern, allowing redeemers to claim their funds later to avoid being DoSed.
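The Pull over Push pattern named in the mitigation, as an added sketch that is not part of the report and not Ondo's CashManager code. The contract name PullRedemptions, the functions creditRedemptions() and claim(), and the claimable mapping are hypothetical; only assetSender and the batched-redemption setting come from the report.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.16;

// Added illustration only; all names here are hypothetical, not from CashManager.sol.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract PullRedemptions {
    IERC20 public immutable collateral;
    address public immutable admin;
    mapping(address => uint256) public claimable; // collateral owed to each redeemer

    constructor(IERC20 _collateral, address _admin) {
        collateral = _collateral;
        admin = _admin;
    }

    // Admin batch step: record what each redeemer is owed and fund the contract once.
    // No tokens are sent to redeemers here, so no receiver-side hook can revert the batch.
    function creditRedemptions(
        address assetSender,
        address[] calldata redeemers,
        uint256[] calldata amounts
    ) external {
        require(msg.sender == admin, "not admin");
        require(redeemers.length == amounts.length, "length mismatch");
        uint256 sum;
        for (uint256 i = 0; i < redeemers.length; ++i) {
            claimable[redeemers[i]] += amounts[i];
            sum += amounts[i];
        }
        require(collateral.transferFrom(assetSender, address(this), sum), "funding failed");
    }

    // Redeemer step: each account withdraws for itself and pays its own gas.
    // A receiver that rejects the transfer only reverts its own claim.
    function claim() external {
        uint256 amount = claimable[msg.sender];
        require(amount > 0, "nothing to claim");
        claimable[msg.sender] = 0; // clear the balance before the external call
        require(collateral.transfer(msg.sender, amount), "transfer failed");
    }
}
```

With this split, the cost of a failing transfer falls on the account that caused it, and the admin batch contains only storage writes plus a single funding transfer.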