c4-pre-sort
commented
1 year ago minhquanym marked the issue as duplicate of #67
Closed code423n4 closed 1 year ago
c4-pre-sort
commented
1 year ago minhquanym marked the issue as duplicate of #67
c4-judge
commented
1 year ago dmvt marked the issue as duplicate of #28
c4-judge
commented
1 year ago dmvt changed the severity to 3 (High Risk)
c4-judge
commented
1 year ago dmvt marked the issue as satisfactory
dmvt
commented
1 year ago No impact described
c4-judge
commented
1 year ago dmvt marked the issue as partial-50
Lines of code
https://github.com/code-423n4/2023-07-amphora/blob/daae020331404647c661ab534d20093c875483e1/core/solidity/contracts/core/WUSDA.sol#L35 https://github.com/code-423n4/2023-07-amphora/blob/daae020331404647c661ab534d20093c875483e1/core/solidity/contracts/core/WUSDA.sol#L59-L62 https://github.com/code-423n4/2023-07-amphora/blob/daae020331404647c661ab534d20093c875483e1/core/solidity/contracts/core/WUSDA.sol#L214-L219
Vulnerability details
Impact
In the contract, we have a hardcoded value for the max WUSDA tokens capped at 10M tokens. This cap is used in the conversion of wrapping and unwrapping of USDA tokens. However due to the nature of USDA tokens were by they do not have a fixed total supply, The WUSDA cap would be exceeded and there is no check to prevent this.
Proof of Concept
When minting WUSDA tokens after deposit, it calculates the amount of total USDA tokens and uses it to divide the product of the amount being deposited and the cap.
This would be fine except that the totalSUpply of the USDA tokens are never fixed. So if the supply had already minted out all 10 million tokens in the cap, But someone deposits more sUSD into the USDA contract, they can easily mint over the cap of 10_000_000 * 10 **18 used to calculate This is because in the mint function, there is no check against the cap
Tools Used
Manual Review
Recommended Mitigation Steps
Restrict minting over the cap
Assessed type
Other