On onboarding, part of the received tokens will be swapped for 4 canto.
To partially protect users, a maximum amount of tokens to be used for the swap is set.
According to the documentation:
For risk management purposes, a swap will fail if the input coin amount exceeds a pre-defined limit (10 USDC, 10 USDT, 0.01 ETH) or if the swap amount limit is not defined.
For this swap, it uses the coinswap module.
The maximum values there are defined as
Lines of code
https://github.com/code-423n4/2023-06-canto/blob/a4ff2fd2e67e77e36528fad99f9d88149a5e8532/Canto/x/coinswap/keeper/swap.go#L102
Vulnerability details
Impact
In that list of maximum swap amounts, the EthIBCDenom value is 1e17, which is 0.1 ETH instead of the intended 0.01 ETH. This means the intended protection is off by a factor of 10.
Recommended Mitigation Steps
Set the maxSwapAmount for EthIBCDenom to
sdk.NewCoin(EthIBCDenom, sdk.NewIntWithDecimal(1, 16)),
to represent the correct value of 0.01 ETH.
Assessed type
Decimal
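Added example (not the Canto coinswap module's own code) that reproduces the documented limit check with math/big in place of sdk.Int, so the effect of the 1e17 versus 1e16 cap can be seen on a 0.05 ETH input; the IBC denom strings and helper names are assumptions.

```go
package main

import (
	"errors"
	"math/big"
)

// IBC denom strings are placeholders (assumption); only the names matter here.
const (
	UsdcIBCDenom = "ibc/USDC-PLACEHOLDER"
	EthIBCDenom  = "ibc/ETH-PLACEHOLDER"
)

// amountWithDecimal mirrors sdk.NewIntWithDecimal(n, exp): the raw integer n * 10^exp.
func amountWithDecimal(n, exp int64) *big.Int {
	scale := new(big.Int).Exp(big.NewInt(10), big.NewInt(exp), nil)
	return new(big.Int).Mul(big.NewInt(n), scale)
}

// swapLimits builds the per-denom caps (the sdk.Coins list on the page). ethExp is 17
// in the audited code (0.1 ETH) and 16 after the fix (0.01 ETH); USDC has 6 decimals.
func swapLimits(ethExp int64) map[string]*big.Int {
	return map[string]*big.Int{
		UsdcIBCDenom: amountWithDecimal(10, 6),     // 10 USDC
		EthIBCDenom:  amountWithDecimal(1, ethExp), // 1 * 10^ethExp wei
	}
}

var (
	errNoLimit   = errors.New("swap amount limit not defined")
	errOverLimit = errors.New("input coin amount exceeds limit")
)

// checkSwapInput applies the documented rule: reject if no limit is defined for the
// denom or if the input amount exceeds it. With ethExp 17 a 0.05 ETH input (5e16)
// passes; with ethExp 16 it is rejected, as the documentation intends.
func checkSwapInput(limits map[string]*big.Int, denom string, amount *big.Int) error {
	limit, ok := limits[denom]
	if !ok {
		return errNoLimit
	}
	if amount.Cmp(limit) > 0 {
		return errOverLimit
	}
	return nil
}
```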