Closed c4-submissions closed 1 year ago
raymondfam marked the issue as sufficient quality report
raymondfam marked the issue as duplicate of #288
MiloTruck marked the issue as not a duplicate
MiloTruck changed the severity to QA (Quality Assurance)
I meant to mark this as invalid.
Users opening as many safes as they want has no impact on the protocol whatsoever.
MiloTruck marked the issue as grade-c
Lines of code
https://github.com/open-dollar/od-contracts/blob/v1.5.5-audit/src/contracts/proxies/ODSafeManager.sol#L118-L133
Vulnerability details
Impact
This report outlines a critical security vulnerability in the openSAFE function of the ODSafeManager.sol, which is susceptible to a Sybil attack. A Sybil attack is a form of malicious activity in which an attacker creates multiple fake identities (Sybil nodes) to gain an unfair advantage or exploit a system. In this case, the vulnerability allows a malicious user to open multiple safes using the openSAFE function, potentially leading to an abuse of the system's resources and a disruption of certain intended functionality, which includes altering the revaluation and devaluation processes of the Open Dollar token due to possession of vast amounts of safes compared to other users.
Proof of Concept
The vulnerability is identified in the following code snippet of the openSAFE function
The vulnerability allows for the following issues:
Lack of Identity Verification: The openSAFE function does not have any mechanism to verify the identity or authenticity of the user _usr. This lack of identity verification opens the door for malicious users to impersonate multiple users and open multiple safes without proper authorization.
Sybil and concurrent DOS attack: A malicious user can exploit the absence of identity verification by repeatedly calling the openSAFE function with different addresses, effectively creating multiple fake user identities. This can lead to a Sybil attack, where the attacker can overwhelm the system with numerous safes, potentially disrupting the intended operation of the contract and draining its resources.
A successful Sybil attack causes the primary function of the protocol to fail, whereby the revaluation and devaluation of the Open Dollar coin to the redemptive prices becomes catastrophically defective due to malicious actors possessing vast amounts of safes with collateral and refusing to sell their OD tokens on the secondary market during de-evaluation or shorting during re-evaluation.
Tools Used
Manual review, VS Code
Recommended Mitigation Steps
Implement Identity Verification: Introduce a robust identity verification mechanism within the openSAFE function to ensure that only legitimate users can open safes. This may involve the integration of user authentication processes, such as whitelisting, Know Your Customer (KYC) checks, or other identity verification methods, depending on the specific use case and requirements.
Rate Limiting: Implement rate limiting mechanisms to restrict the number of safes that can be opened within a specific time frame. This can help prevent a single entity from opening an excessive number of safes in a short period, reducing the risk of a Sybil attack.
Monitoring and Logging: Implement comprehensive monitoring and logging of all openSAFE function calls to detect any suspicious or malicious activity promptly. These logs can be used for auditing and security analysis.
Assessed type
Access Control