code-423n4 / 2023-11-kelp-findings


No slippage control on deposit of LRTDepositPool.sol #847

Closed c4-submissions closed 1 year ago

c4-submissions commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-11-kelp/blob/main/src/LRTDepositPool.sol#L119-L144

Vulnerability details

Impact

There is no slippage control on depositAsset() of LRTDepositPool, which exposes users to sandwich attacks.

Proof of Concept

Any deposit can be sandwiched in LRTDepositPool, especially when the pool is not balanced.

Exploit Scenario:

Bob, a normal user, calls depositAsset(). Since there is no minAmountOut, the deposit can be executed at any price. As a result, when Eve sandwiches the deposit, Bob deposits the tokens without minting any, effectively giving away tokens for free.

A Detailed Guide To Sandwich Attacks In DeFi.

Tools Used

Recommended Mitigation Steps

Add a minAmountOut in depositAsset()

Assessed type

MEV
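
The shape of the problem and of the recommended fix, as an added illustration that is not the Kelp LRTDepositPool code nor any code from the submission: a simplified pool whose mint amount is derived from an oracle-reported rate at execution time. The interface names (IPriceOracle, IRsETH, IERC20), the function getRsETHAmountToMint, the custom error, and the 1e18 price scaling are assumptions made for this example. The first deposit function has the vulnerable shape described above (no caller-supplied floor); the second adds the minAmountOut check from the mitigation.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed minimal interfaces so the example compiles stand-alone.
interface IPriceOracle {
    /// @return rsETH price in ETH terms, scaled by 1e18 (assumed layout)
    function getRsETHPrice() external view returns (uint256);
    /// @return price of `asset` in ETH terms, scaled by 1e18 (assumed layout)
    function getAssetPrice(address asset) external view returns (uint256);
}

interface IRsETH {
    function mint(address to, uint256 amount) external;
}

interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

/// Example deposit pool (not the project's contract). Mints rsETH for a
/// supported asset at the rate the oracle reports in the block where the
/// transaction is included.
contract DepositPoolExample {
    IPriceOracle public immutable oracle;
    IRsETH public immutable rsETH;

    // Assumed name: raised when the user would receive less than requested.
    error MinimumAmountToReceiveNotMet(uint256 expected, uint256 actual);

    constructor(IPriceOracle oracle_, IRsETH rsETH_) {
        oracle = oracle_;
        rsETH = rsETH_;
    }

    /// rsETH to mint for `depositAmount` of `asset`, read from the oracle at
    /// execution time. Anything that moves the quoted rate between the user
    /// signing and the transaction landing (e.g. a front-running deposit that
    /// shifts the pool's accounting) changes this value.
    function getRsETHAmountToMint(address asset, uint256 depositAmount)
        public
        view
        returns (uint256)
    {
        return (depositAmount * oracle.getAssetPrice(asset)) / oracle.getRsETHPrice();
    }

    /// VULNERABLE shape from the finding: the caller has no way to state the
    /// minimum it is willing to accept, so the deposit executes at any rate,
    /// including one that mints far less than the user saw when signing.
    function depositAssetNoSlippage(address asset, uint256 depositAmount) external {
        uint256 toMint = getRsETHAmountToMint(asset, depositAmount);
        require(IERC20(asset).transferFrom(msg.sender, address(this), depositAmount), "transfer failed");
        rsETH.mint(msg.sender, toMint);
    }

    /// HARDENED: revert unless the user receives at least `minAmountOut`.
    /// A sandwiched transaction now fails instead of silently minting too
    /// little, which also removes the attacker's profit from the sandwich.
    function depositAsset(address asset, uint256 depositAmount, uint256 minAmountOut) external {
        uint256 toMint = getRsETHAmountToMint(asset, depositAmount);
        if (toMint < minAmountOut) {
            revert MinimumAmountToReceiveNotMet(minAmountOut, toMint);
        }
        require(IERC20(asset).transferFrom(msg.sender, address(this), depositAmount), "transfer failed");
        rsETH.mint(msg.sender, toMint);
    }
}
```

In use, the front end (or the caller's script) queries getRsETHAmountToMint off-chain, applies its own tolerance (for instance, quote * 995 / 1000 for 0.5%), and passes that as minAmountOut. Passing 0 reproduces the vulnerable behaviour, so integrators should treat a zero floor as a bug rather than a default.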

c4-pre-sort commented 1 year ago

raymondfam marked the issue as sufficient quality report

c4-pre-sort commented 1 year ago

raymondfam marked the issue as duplicate of #39

c4-pre-sort commented 1 year ago

raymondfam marked the issue as duplicate of #148

c4-judge commented 11 months ago

fatherGoose1 marked the issue as satisfactory