code-423n4 / 2023-07-amphora-findings


WUSDA.sol: `MAX_wUSDA_SUPPLY` is not enforced during `wUSDA` mint. #362

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-07-amphora/blob/daae020331404647c661ab534d20093c875483e1/core/solidity/contracts/core/WUSDA.sol#L70-L73

Vulnerability details

Impact

MAX_wUSDA_SUPPLY is not enforced. As a result, a larger number of wUSDA can be minted.

This will lead to incorrect calculations from the functions _usdaToWUSDA and _wUSDAToUSDA. These two functions are used during deposit and withdraw. Even though the max limit is exceeded, the above-mentioned functions will still use the constant MAX_wUSDA_SUPPLY value for calculations.

Proof of Concept

https://github.com/code-423n4/2023-07-amphora/blob/daae020331404647c661ab534d20093c875483e1/core/solidity/contracts/core/WUSDA.sol#L70-L73.

The limit cap can be seen at https://github.com/code-423n4/2023-07-amphora/blob/daae020331404647c661ab534d20093c875483e1/core/solidity/contracts/core/WUSDA.sol#L35

But when we look at the mint function, there is no check for the wUSDA cap value.

```solidity
function mintFor(address _to, uint256 _wusdaAmount) external override returns (uint256 _usdaAmount) {
  _usdaAmount = _wUSDAToUSDA(_wusdaAmount, _usdaSupply());
  _deposit(_msgSender(), _to, _usdaAmount, _wusdaAmount);
}
```

Tools Used

Manual review.

Recommended Mitigation Steps

Refactor the code such that wUSDA mint should not exceed the MAX_wUSDA_SUPPLY value.

Assessed type

Error
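
One way to enforce the cap named in the recommended mitigation, as an added example that is not part of the original report or of the Amphora code base: a minimal stand-alone wrapper whose `mintFor` reverts when the requested amount exceeds the remaining headroom under `MAX_wUSDA_SUPPLY`. The `CappedWrapper` contract, the `IERC20Like` interface, the custom errors, the cap value and the proportional body of `_wUSDAToUSDA` are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.9;

// Hypothetical minimal view of the underlying token (assumption, not the project's interface).
interface IERC20Like {
  function totalSupply() external view returns (uint256);
  function transferFrom(address _from, address _to, uint256 _amount) external returns (bool);
}

// Illustrative wrapper only; it is not the Amphora WUSDA contract.
contract CappedWrapper {
  // Constructed value for illustration; the project's real cap is defined in WUSDA.sol.
  uint256 public constant MAX_wUSDA_SUPPLY = 1_000_000 ether;

  IERC20Like public immutable USDA; // hypothetical underlying token
  uint256 public totalSupply;
  mapping(address => uint256) public balanceOf;

  error CapExceeded(uint256 _requested, uint256 _available);
  error ZeroAmount();

  constructor(IERC20Like _usda) {
    USDA = _usda;
  }

  // Assumed proportional conversion: wrapped share of the cap equals underlying share of supply.
  function _wUSDAToUSDA(uint256 _wusdaAmount, uint256 _totalUsdaSupply) private pure returns (uint256) {
    return (_wusdaAmount * _totalUsdaSupply) / MAX_wUSDA_SUPPLY;
  }

  function mintFor(address _to, uint256 _wusdaAmount) external returns (uint256 _usdaAmount) {
    // Enforce the cap before any state change or external call.
    // The subtraction cannot underflow: this function is the only writer of totalSupply.
    uint256 _available = MAX_wUSDA_SUPPLY - totalSupply;
    if (_wusdaAmount > _available) revert CapExceeded(_wusdaAmount, _available);

    _usdaAmount = _wUSDAToUSDA(_wusdaAmount, USDA.totalSupply());
    // In this sketch a zero result would mint wrapped tokens without pulling any underlying.
    if (_usdaAmount == 0) revert ZeroAmount();

    // Effects before the external interaction.
    totalSupply += _wusdaAmount;
    balanceOf[_to] += _wusdaAmount;
    require(USDA.transferFrom(msg.sender, address(this), _usdaAmount), "transfer failed");
  }
}
```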

c4-pre-sort commented 1 year ago

minhquanym marked the issue as duplicate of #67

c4-judge commented 1 year ago

dmvt marked the issue as duplicate of #28

c4-judge commented 1 year ago

dmvt changed the severity to 3 (High Risk)

dmvt commented 1 year ago

No impact described

c4-judge commented 1 year ago

dmvt marked the issue as partial-50