code-423n4 / 2023-10-wildcat-findings


potential griefing attack on setReserveRatioBips #616

Closed c4-submissions closed 10 months ago

c4-submissions commented 10 months ago

Lines of code

https://github.com/code-423n4/2023-10-wildcat/blob/c5df665f0bc2ca5df6f06938d66494b11e7bdada/src/market/WildcatMarketConfig.sol#L171-L194

Vulnerability details

Impact

A griefing attack can happen at setReserveRatioBips by lenders.

Proof of Concept

Here is how liquidity works:

```solidity
// Required liquidity for a market: the reserve ratio applies only to the
// supply that is not already queued for withdrawal; queued withdrawals are
// counted in full on top of it.
function liquidityRequired(
  MarketState memory state
) internal pure returns (uint256 _liquidityRequired) {
  uint256 scaledWithdrawals = state.scaledPendingWithdrawals;
  uint256 scaledRequiredReserves = (state.scaledTotalSupply - scaledWithdrawals).bipMul(
    state.reserveRatioBips
  ) + scaledWithdrawals;
  return
    state.normalizeAmount(scaledRequiredReserves) +
    state.accruedProtocolFees +
    state.normalizedUnclaimedWithdrawals;
}
```

By front-running, lenders call queueWithdrawal with a certain amount while the controller tries to call setReserveRatioBips. The transaction will revert.

Tools Used

manual view

Recommended Mitigation Steps

Add a pause function, then pause when the protocol call is being executed.

Assessed type

DoS
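To make the accounting in the report concrete, the following is an added Python model of the liquidityRequired formula quoted above; it is not Wildcat code and not part of the submission. It assumes bipMul is x * bips / 10000 and that normalizeAmount scales by a RAY-based scale factor, and it models the report's claim as a check that the reserve ratio change is rejected when required liquidity exceeds the market's assets.

```python
from dataclasses import dataclass, replace

BIP = 10_000
RAY = 10**27  # assumption: scaleFactor is RAY-scaled, so RAY means "no interest accrued yet"


def bip_mul(x: int, bips: int) -> int:
    """Basis-point multiplication, modelled as integer x * bips / 10000."""
    return x * bips // BIP


@dataclass
class MarketState:
    scaled_total_supply: int
    scaled_pending_withdrawals: int
    reserve_ratio_bips: int
    accrued_protocol_fees: int = 0
    normalized_unclaimed_withdrawals: int = 0
    scale_factor: int = RAY

    def normalize_amount(self, scaled: int) -> int:
        return scaled * self.scale_factor // RAY


def liquidity_required(state: MarketState) -> int:
    """Python transcription of the liquidityRequired function quoted in the report."""
    scaled_withdrawals = state.scaled_pending_withdrawals
    scaled_required_reserves = bip_mul(
        state.scaled_total_supply - scaled_withdrawals, state.reserve_ratio_bips
    ) + scaled_withdrawals
    return (
        state.normalize_amount(scaled_required_reserves)
        + state.accrued_protocol_fees
        + state.normalized_unclaimed_withdrawals
    )


def ratio_change_allowed(state: MarketState, total_assets: int, new_ratio_bips: int) -> bool:
    """Assumed check behind the report's claim: a new ratio is rejected when the
    liquidity it would require exceeds what the market currently holds."""
    trial = replace(state, reserve_ratio_bips=new_ratio_bips)
    return liquidity_required(trial) <= total_assets


# Constructed scenario: 1000 scaled tokens, 20% reserve ratio, market holds 250.
BASE = MarketState(scaled_total_supply=1000, scaled_pending_withdrawals=0, reserve_ratio_bips=2000)
QUEUED = replace(BASE, scaled_pending_withdrawals=100)  # a lender queues 100 first
```

Queuing a withdrawal of `a` raises required liquidity by `a * (1 - ratio)` because the queued amount is counted in full instead of at the reserve ratio, which is why the 250 of assets that comfortably covered a move to 25% no longer does once 100 is queued.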

c4-pre-sort commented 10 months ago

minhquanym marked the issue as low quality report

minhquanym commented 10 months ago

Insufficient proof

c4-judge commented 10 months ago

MarioPoneder marked the issue as unsatisfactory: Insufficient proof