Closed code423n4 closed 1 year ago
trust1995 marked the issue as duplicate of #115
trust1995 marked the issue as satisfactory
trust1995 marked the issue as duplicate of #852
trust1995 changed the severity to 2 (Med Risk)
trust1995 changed the severity to QA (Quality Assurance)
trust1995 marked the issue as grade-c
Lines of code
https://github.com/code-423n4/2023-05-maia/blob/cfed0dfa3bebdac0993b1b42239b4944eb0b196c/src/erc-4626/ERC4626.sol#L32-L44
Vulnerability details
Impact
The attacker can profit from future users' deposits by manipulating the price per share.
Proof of Concept
Users who deposit after this will lose funds.
For example: A malicious user can deposit with 1 wei of asset token as the first depositor, and get 1 wei of shares.
Then the malicious user can send 10000e18 - 1 of asset tokens and inflate the price per share from 1.0000 to an extreme value of 1.0000e22 ( from (1 + 10000e18 - 1) / 1).
As a result, the future user who deposits 19999e18 will only receive 1 wei (from 19999e18 * 1 / 10000e18) of shares token.
They will immediately lose 9999e18 or half of their deposits.
Tools Used
Manual Review
Recommended Mitigation Steps
Consider requiring minimal share tokens to be minted for the first depositor.
Assessed type
ERC4626