search

code-423n4 / 2023-07-moonwell-findings

1 stars 0 forks source link

Lack of check for the specific `mToken` market being liquidated. #176

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-07-moonwell/blob/fced18035107a345c31c9a9497d0da09105df4df/src/core/MToken.sol#L942-L943

Vulnerability details

addToMarketInternal ensure that borrowers are added to the necessary markets so that their assets can be included in liquidity calculations. Without verifying the accountAsset mapping against the borrower to ensure the correct mToken market is being targeted for liquidation, it may result in an improper liquidation.

Impact

The liquidation process lacks proper validation to check for the specific mToken market being liquidated during the liquidation process. This allows an attacker to intentionally liquidate a different market, potentially causing unintended consequences, financial losses, or disruption of the protocol.

This can have several potential impacts:

  1. Financial Losses: The attacker can manipulate the liquidation process, potentially stealing collateral from other accounts or causing losses to borrowers.
  2. Disruption of Protocol Stability: Incorrect liquidation can lead to distortions in the protocol's stability, affecting its overall performance and reliability.
  3. Asset Transfer: This may result in the unintended transfer of assets from one account to another.

Proof of Concept

An attacker can intentionally liquidate a different mToken market than the one associated with the borrower's account. By doing this, they can potentially manipulate the liquidation process and cause unintended consequences, such as stealing collateral or disrupting the stability of the protocol.

  1. The attacker identifies a target borrower account with an open loan in the protocol.
  2. They initiate the liquidation process for a different mToken market.
  3. Without proper validation, the protocol proceeds with the liquidation, potentially causing unintended consequences such as transferring collateral to the attacker or disrupting the protocol's stability.

Tools Used

Manual Review

Recommended Mitigation Steps

Should be updated as follows:

  1. Implement a validation check in the liquidation process to ensure it can only be initiated for the specific mToken market associated with the borrower's account.
  2. Verify and update the accountAsset mapping to prevent unauthorized associations, ensuring each account is correctly mapped to its respective mToken market.

Add a check in the liquidateBorrowFresh

add a require statement that checks whether the borrower's accountAssets mapping contains the mTokenCollateral address. If the check fails, indicating an invalid mToken market, the function will revert and stop the liquidation process.

  function liquidateBorrowFresh(address borrower, 
    address liquidator, uint256 repayAmount, MToken 
    mTokenCollateral) internal returns (uint256) {
   // Ensure the accountAsset mapping is checked to 
   // match the proper mToken market
    require(accountAssets[borrower]. 
    [address(mTokenCollateral)], "Invalid mToken 
  market");

// Rest of the code for the liquidation process
// ...

}

Assessed type

Invalid Validation

0xSorryNotSorry commented 1 year ago

The submission does not provide any demonstration of the issue, reasoning and specific code blocks.

c4-pre-sort commented 1 year ago

0xSorryNotSorry marked the issue as low quality report

c4-judge commented 1 year ago

alcueca marked the issue as unsatisfactory: Insufficient proof