c4-judge
commented
1 year ago Picodes marked the issue as unsatisfactory: Invalid
Closed code423n4 closed 1 year ago
c4-judge
commented
1 year ago Picodes marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/GenerationSoftware/pt-v5-claimer/blob/57a381aef690a27c9198f4340747155a71cae753/src/libraries/LinearVRGDALib.sol#L39-L46 https://github.com/GenerationSoftware/pt-v5-claimer/blob/57a381aef690a27c9198f4340747155a71cae753/src/Claimer.sol#L141
Vulnerability details
Impact
An attacker can adjust the timestamp to artificially influence the
_timeSinceStartvalue to purchase tokens at a very low price.Proof of Concept
https://github.com/GenerationSoftware/pt-v5-claimer/blob/57a381aef690a27c9198f4340747155a71cae753/src/libraries/LinearVRGDALib.sol#L39-L46
https://github.com/GenerationSoftware/pt-v5-claimer/blob/57a381aef690a27c9198f4340747155a71cae753/src/Claimer.sol#L141
The
getVRGDAPrice()function in theLinearVRGDALiblibrary contains a timestamp dependency vulnerability. This vulnerability arises from the reliance on the current timestamp to calculate the_timeSinceStartparameter used in the token price calculation according to the VRGDA formula. The price of a token depends on the time since the auction began.Tools Used
Manual analysis
Recommended Mitigation Steps
Use a secure time source such as external oracles for calculating the
_timeSinceStartparameterAssessed type
Timing