code-423n4 / 2023-05-venus-findings

`VToken mint` -- Inflation attack #561

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-05-venus/blob/8be784ed9752b80e6f1b8b781e2e6251748d0d7e/contracts/VToken.sol#L743-L791

Vulnerability details

Impact

The token could be impacted by an inflation attack.

Proof of Concept

At present, vToken is still susceptible to the well-known ERC4626 'Inflation Attack'. This vulnerability allows the total asset count to be inflated by making donations.

This means that one can mint initially, redeem thereafter, be left with 1 share, and then by directly transferring assets, enhance the exchangeRate, thereby enabling an 'Inflation Attack'.

It's important to note that while the initial mint can be triggered at the creation of a VToken, there isn't any constraint demanding that the initialSupply should be equal to zero.

Tools Used

Manual Review.

Recommended Mitigation Steps

It is advised to consider the latest version of OpenZeppelin, which introduces a unique iteration of ERC4626 aimed at mitigating this 'Inflation Attack'.

Ref: https://docs.openzeppelin.com/contracts/4.x/erc4626

Assessed type

Other
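
The share rounding described in this report, as an added example that is not part of the original submission or of the Venus code base: a generic share-issuing vault compared under the plain conversion formula and under the virtual-shares conversion that the referenced OpenZeppelin ERC4626 documentation describes. The `Vault` class, the depositor names and all amounts are constructed for illustration, and VToken's own exchange-rate computation is not modelled.

```python
# Added illustration: integer share math of a generic share-issuing vault.
# Not VToken.sol; every name and number here is constructed for the example.

class Vault:
    def __init__(self, offset=None):
        self.offset = offset     # None = plain formula, int = virtual-shares decimals offset
        self.total_assets = 0    # underlying balance held by the vault, donations included
        self.total_supply = 0    # shares outstanding
        self.shares = {}

    def _to_shares(self, assets):
        if self.offset is None:
            if self.total_supply == 0:
                return assets    # first deposit mints 1:1
            return assets * self.total_supply // self.total_assets  # rounds down
        # OpenZeppelin 4.9-style conversion: virtual shares plus one virtual asset
        return assets * (self.total_supply + 10 ** self.offset) // (self.total_assets + 1)

    def _to_assets(self, shares):
        if self.offset is None:
            return shares * self.total_assets // self.total_supply
        return shares * (self.total_assets + 1) // (self.total_supply + 10 ** self.offset)

    def deposit(self, who, assets):
        minted = self._to_shares(assets)
        self.total_assets += assets
        self.total_supply += minted
        self.shares[who] = self.shares.get(who, 0) + minted
        return minted

    def donate(self, assets):
        self.total_assets += assets   # direct transfer: balance grows, no shares minted

    def redeemable(self, who):
        return self._to_assets(self.shares.get(who, 0))


def scenario(offset):
    """Return (shares minted to second, assets second can redeem, assets first can redeem)."""
    v = Vault(offset)
    v.deposit("first", 1)             # supply sits at the minimum share count
    v.donate(10_000)                  # balance inflated without minting shares
    minted = v.deposit("second", 5_000)
    return minted, v.redeemable("second"), v.redeemable("first")


if __name__ == "__main__":
    print("plain formula  :", scenario(None))
    print("virtual offset :", scenario(3))
```

With the plain formula the second deposit of 5,000 rounds down to zero shares; with an offset of 3 the same deposit mints 999 shares redeemable for 4,997, and the first depositor recovers less than the 10,001 they put in.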

c4-judge commented 1 year ago

0xean marked the issue as duplicate of #314

c4-judge commented 1 year ago

0xean marked the issue as satisfactory

c4-judge commented 1 year ago

0xean changed the severity to 3 (High Risk)

c4-judge commented 1 year ago

0xean changed the severity to 2 (Med Risk)