search

code-423n4 / 2023-08-dopex-findings

3 stars 3 forks source link

Flashloan/Sandwich Attacks on `UpdateFunding()` #2192

Closed code423n4 closed 11 months ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-08-dopex/blob/e96aaa5ea21f11b29d828dbe2d0745974cd046ed/contracts/perp-vault/PerpetualAtlanticVault.sol#L502

Vulnerability details

Impact

The attacker can launch a sandwich/flashloan attack on the updateFunding() function to gain most of the reward.

Proof of Concept

  1. The attacker observed that some reward is going to be distributed via updateFunding() function.
  2. The attacker borrowed flashloan and deposited it into the PerpetualAtlanticVaultLP.
  3. The attacker triggered the updateFunding() function
  4. Finally, the attacker redeems the assets from PerpetualAtlanticVaultLP and repay the flashloan

Tools Used

vscode

Recommended Mitigation Steps

In the short term, call UpdateFunding() more frequently. In the long term, considering the staking time in PerpetualAtlanticVaultLP

Assessed type

Other

c4-pre-sort commented 1 year ago

bytes032 marked the issue as low quality report

bytes032 commented 1 year ago

Insufficient proof

bytes032 commented 12 months ago

LQ because of front-running on Arb

c4-judge commented 11 months ago

GalloDaSballo marked the issue as unsatisfactory: Insufficient quality

GalloDaSballo commented 11 months ago

Need more work