The token could be impacted by an inflation attack.
Proof of Concept
At present, vToken is still susceptible to the well-known ERC4626 'Inflation Attack'. This vulnerability allows the total asset count to be inflated by making donations.
This means that one can mint initially, redeem thereafter, be left with 1 share, and then by directly transferring assets, enhance the exchangeRate, thereby enabling an 'Inflation Attack'.
It's important to note that while the initial mint can be triggered at the creation of a VToken, there isn't any constraint demanding that the initialSupply should be equal to zero.
Tools Used
Manual Review.
Recommended Mitigation Steps
It is advised to consider the latest version of OpenZeppelin, which introduces a unique iteration of ERC4626 aimed at mitigating this 'Inflation Attack'.
Lines of code
https://github.com/code-423n4/2023-05-venus/blob/8be784ed9752b80e6f1b8b781e2e6251748d0d7e/contracts/VToken.sol#L743-L791
Vulnerability details
Impact
The token could be impacted by an inflation attack.
Proof of Concept
At present, vToken is still susceptible to the well-known ERC4626 'Inflation Attack'. This vulnerability allows the total asset count to be inflated by making donations.
This means that one can mint initially, redeem thereafter, be left with 1 share, and then by directly transferring assets, enhance the exchangeRate, thereby enabling an 'Inflation Attack'.
It's important to note that while the initial mint can be triggered at the creation of a VToken, there isn't any constraint demanding that the initialSupply should be equal to zero.
Tools Used
Manual Review.
Recommended Mitigation Steps
It is advised to consider the latest version of OpenZeppelin, which introduces a unique iteration of ERC4626 aimed at mitigating this 'Inflation Attack'.
Ref: https://docs.openzeppelin.com/contracts/4.x/erc4626
Assessed type
Other