Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/main/src/LRTDepositPool.sol#L136
https://github.com/code-423n4/2023-11-kelp/blob/main/src/LRTDepositPool.sol#L109
https://github.com/code-423n4/2023-11-kelp/blob/main/src/LRTOracle.sol#L52-L79
Vulnerability details
Impact
A user who deposits first into LRTDepositPool can be the victim of an inflation attack. An attacker can frontrun the deposit transaction with a "one wei" deposit, which results in a greatly reduced amount of rsETH being minted for the victim.
Proof of Concept
Here is the flow of the deposit operation:
1. the user transfers assets to the pool;
2. the pool gets the rsETH/ETH price from the oracle;
3. if no rsETH tokens have been minted, the price is 1 ether; otherwise it is S/T, where S is the sum of all asset tokens held by the protocol valued in ETH and T is the rsETH total supply;
4. the received price is used to mint rsETH tokens.
Let's say Alice was frontrun while depositing 6 stETH; for simplicity, stETH/ETH = 1.
S = (6e18 + 1) * 1e18, T = 1 => minted = 6e18 * 1e18 / ((6e18 + 1) * 1e18) = 0
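The arithmetic above, worked through as an added Python model of the deposit flow (this is not Kelp's code or the forge test; it only reproduces the formula stated above: rsETH price = S/T, minted = amount * assetPrice / rsETHPrice, with the asset transferred into the pool before the price is read). The asset price of 1e18 (stETH/ETH = 1) and the account names are the constructed assumptions of the PoC.

```python
# Added example: a model of the deposit accounting described above.
# Not the project's code; it follows the formula in the PoC with the
# same 18-decimal fixed-point arithmetic the description uses.

WAD = 10**18  # 1 ether, also the scale of the 18-decimal prices


class PoolModel:
    """Tracks total asset deposits (asset units) and rsETH supply.

    asset_price is the asset/ETH price scaled by 1e18; the PoC assumes
    stETH/ETH = 1, so the default is WAD.
    """

    def __init__(self, asset_price: int = WAD) -> None:
        self.asset_price = asset_price
        self.total_asset_deposits = 0   # assets currently held by the protocol
        self.rseth_supply = 0           # T in the description
        self.holdings: dict[str, int] = {}

    def rseth_price(self) -> int:
        # 1 ether before anything is minted, otherwise S / T, where S is the
        # sum of asset amounts times their ETH price (18-decimal scaled).
        if self.rseth_supply == 0:
            return WAD
        s = self.total_asset_deposits * self.asset_price
        return s // self.rseth_supply

    def quote(self, amount: int) -> int:
        # Preflight the mint a deposit of `amount` would receive, following
        # the same order as deposit(): the amount is counted in S first.
        deposits_after = self.total_asset_deposits + amount
        if self.rseth_supply == 0:
            price = WAD
        else:
            price = deposits_after * self.asset_price // self.rseth_supply
        return amount * self.asset_price // price

    def deposit(self, who: str, amount: int) -> int:
        # Step 1: the assets land in the pool before the price is read.
        self.total_asset_deposits += amount
        # Steps 2 and 3: read the rsETH/ETH price from the (modelled) oracle.
        price = self.rseth_price()
        # Step 4: mint rsETH against that price.
        minted = amount * self.asset_price // price
        self.rseth_supply += minted
        self.holdings[who] = self.holdings.get(who, 0) + minted
        return minted


def alice_alone() -> int:
    """Alice is the genuine first depositor: 6 stETH mints 6 rsETH."""
    pool = PoolModel()
    return pool.deposit("alice", 6 * WAD)


def alice_frontrun() -> dict:
    """An attacker front-runs Alice with a 1 wei deposit (the PoC scenario)."""
    pool = PoolModel()
    attacker_minted = pool.deposit("attacker", 1)
    alice_quote = pool.quote(6 * WAD)       # what a preflight check would report
    alice_minted = pool.deposit("alice", 6 * WAD)
    return {
        "attacker_minted": attacker_minted,
        "alice_quote": alice_quote,
        "alice_minted": alice_minted,
        "pool_assets": pool.total_asset_deposits,
        "attacker_share": pool.holdings["attacker"] / pool.rseth_supply,
        "rseth_price": pool.rseth_price(),
    }


if __name__ == "__main__":
    print("alone:", alice_alone())
    print("frontrun:", alice_frontrun())
```

With the front-run, the attacker's single wei of rsETH is the entire supply after Alice's deposit, so it is backed by all 6 stETH in the pool; the `quote` method shows that a depositor (or a minimum-output check in the deposit path) could detect the zero mint before the transaction is sent.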
Here is the forge test
Tools Used
Foundry, LRTDepositPoolTest.t.sol
Recommended Mitigation Steps
Consider preminting some amount of rsETH during the pool deployment.
Assessed type
ERC4626