Open c4-submissions opened 1 year ago
@toshiSat i think we should just lock this down so afEth can only use votium strategy
0xleastwood marked the issue as duplicate of #39
0xleastwood marked the issue as satisfactory
Marking this as primary issue and best report because it addresses all edge cases where slippage should be checked.
0xleastwood marked the issue as not a duplicate
0xleastwood marked the issue as selected for report
0xleastwood marked the issue as primary issue
elmutt (sponsor) confirmed
@toshiSat @0xleastwood I think https://github.com/asymmetryfinance/afeth/pull/169 should partially solve this issue.
In order fully solve it and issues marked as duplicates( #24 #61 #15) we also need to pass _minout to afEth.applyRewards()
will update here when we have that PR
Agree with you on this ^
@toshiSat @0xleastwood I think asymmetryfinance/afeth#169 should partially solve this issue.
In order fully solve it and issues marked as duplicates( #24 #61 #15) we also need to pass _minout to afEth.applyRewards()
will update here when we have that PR
https://github.com/asymmetryfinance/afeth/pull/176 https://github.com/asymmetryfinance/afeth/pull/178
Lines of code
https://github.com/code-423n4/2023-09-asymmetry/blob/main/contracts/strategies/votium/VotiumStrategyCore.sol#L233-L240 https://github.com/code-423n4/2023-09-asymmetry/blob/main/contracts/strategies/votium/VotiumStrategyCore.sol#L258-L263
Vulnerability details
Bug Description
In
VotiumStrategyCore.sol
, thebuyCvx()
andsellCvx()
functions callexchange_underlying()
of Curve's ETH / CVX pool to buy and sell CVX respectively:VotiumStrategyCore.sol#L233-L240
VotiumStrategyCore.sol#L258-L263
As seen from above,
exchange_underlying()
is called with its_min_dy
parameter as 0, which means the minimum amount of CVX or ETH to receive from the swap is effectively 0.This isn't an issue when users interact with the
AfEth
contract, as itsdeposit()
andwithdraw()
functions include a_minOut
parameter which protects against slippage.However, users that interact with the
VotiumStrategy
contract directly will not be protected from slippage when they call any of the following functions:deposit()
, which callsbuyCvx()
depositRewards()
, which callsbuyCvx()
withdraw()
, which callssellCvx()
Should users call any of the functions listed above directly, they will be susceptible to sandwich attacks by attackers, which would reduce the amount of CVX or ETH received from the swap with curve's pool.
Impact
Due to a lack of slippage protection in
buyCvx()
andsellCvx()
, users that interact with theVotiumStrategy
contract will be susceptible to sandwich attacks. This results in a loss of funds for them as they will receive less CVX or ETH for the same amount of funds.Proof of Concept
Consider the following scenario:
VotiumStrategy
contract'sdeposit()
function directly to deposit ETH.buyCvx()
attempts to swap Bob's ETH deposit for CVX.In this scenario, Alice has sandwiched Bob's
deposit()
transaction for a profit, causing Bob to receive less CVX for his deposited ETH.Recommended Mitigation
Consider adding a
_minOut
parameter to eitherbuyCvx()
andsellCvx()
, or the following functions:deposit()
depositRewards()
withdraw()
This allows the caller to specify a minimum amount they expect from the swap, which would protect them from slippage.
Assessed type
MEV