code-423n4 / 2023-11-kelp-findings


Directly transfer asset to depositPool or nodeDelegator will impact rsETH price #608

Closed c4-submissions closed 11 months ago

c4-submissions commented 11 months ago

Lines of code

https://github.com/code-423n4/2023-11-kelp/blob/f751d7594051c0766c7ecd1e68daeb0661e43ee3/src/LRTDepositPool.sol#L79

https://github.com/code-423n4/2023-11-kelp/blob/f751d7594051c0766c7ecd1e68daeb0661e43ee3/src/LRTDepositPool.sol#L83

Vulnerability details

Impact

The rsETH price will fluctuate if someone directly transfers stETH/cbETH/rETH to depositPool or nodeDelegator.

Proof of Concept

The stETH/cbETH/rETH to ETH price approximately equals 1. So the rsETH to ETH price approximately equals 1. But if someone directly transfers stETH/cbETH/rETH to depositPool or nodeDelegator, the rsETH price will fluctuate. When the withdraw function is implemented for the protocol, people who minted rsETH early will withdraw to get more assets than they deposited. Meanwhile, the deposit amount of each asset has limits. The increase in pool assets will have an impact on others' deposits.

Tools Used

Manual

Recommended Mitigation Steps

Consider adding a value to record depositAmount. The rsETH price is calculated with depositAmount, not balanceOf(address(this)).

Assessed type

Other
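The accounting difference behind the recommended mitigation, shown as an added example that is not part of the original report or of Kelp's code. It is a simplified single-asset model (asset price fixed at 1; the `Pool` class and all names are hypothetical) comparing a share price derived from the token balance with one derived from a recorded deposit counter.

```python
WAD = 10**18  # 18-decimal fixed point, as used for ETH-denominated amounts

class Pool:
    """Simplified model: one asset, asset-to-ETH price assumed to be 1."""

    def __init__(self, use_tracked_deposits):
        self.use_tracked_deposits = use_tracked_deposits
        self.token_balance = 0   # what asset.balanceOf(pool) would report
        self.deposit_amount = 0  # internal counter, changed only by deposit()
        self.share_supply = 0    # stands in for the rsETH supply

    def total_assets(self):
        # The mitigation swaps the balance for the recorded counter here.
        if self.use_tracked_deposits:
            return self.deposit_amount
        return self.token_balance

    def share_price(self):
        if self.share_supply == 0:
            return WAD
        return self.total_assets() * WAD // self.share_supply

    def remaining_capacity(self, limit):
        return max(limit - self.total_assets(), 0)

    def deposit(self, amount):
        minted = amount * WAD // self.share_price()
        self.token_balance += amount
        self.deposit_amount += amount
        self.share_supply += minted
        return minted

    def direct_transfer(self, amount):
        # A plain ERC-20 transfer to the pool address runs no pool code,
        # so only the token balance changes.
        self.token_balance += amount

def scenario(use_tracked_deposits, limit=120 * WAD):
    """Deposit 100, receive a direct transfer of 10, then deposit 11."""
    pool = Pool(use_tracked_deposits)
    pool.deposit(100 * WAD)
    pool.direct_transfer(10 * WAD)
    price = pool.share_price()
    capacity = pool.remaining_capacity(limit)
    minted = pool.deposit(11 * WAD)
    return price, capacity, minted

if __name__ == "__main__":
    print("balance-based:", scenario(False))
    print("tracked:      ", scenario(True))
```

With tracked deposits, the directly transferred tokens stay in the pool as surplus that neither the price nor the deposit limit counts.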

c4-pre-sort commented 11 months ago

raymondfam marked the issue as insufficient quality report

c4-pre-sort commented 11 months ago

raymondfam marked the issue as duplicate of #435

c4-judge commented 10 months ago

fatherGoose1 marked the issue as unsatisfactory: Invalid