Closed c4-bot-10 closed 9 months ago
raymondfam marked the issue as primary issue
raymondfam marked the issue as sufficient quality report
viraj124 (sponsor) disputed
This is 100% expected behavior. Indeed, it was a conscious design choice to allow the user to spend more than they have. We chose for the balanceDelta to use int256 to track user balances to enable this behavior. The white paper goes into detail about this.
it is just an ocean feature like flash loans at Aave for example to let users spend more tokens than they own when doing multiple interactions as long as the protocol doesn't lose any tokens in the end
0xA5DF marked the issue as unsatisfactory: Invalid
Agree with sponsor
Lines of code
https://github.com/code-423n4/2023-11-shellprotocol/blob/485de7383cdf88284ee6bcf2926fb7c19e9fb257/src/ocean/Ocean.sol#L229 https://github.com/code-423n4/2023-11-shellprotocol/blob/485de7383cdf88284ee6bcf2926fb7c19e9fb257/src/ocean/Ocean.sol#L281 https://github.com/code-423n4/2023-11-shellprotocol/blob/485de7383cdf88284ee6bcf2926fb7c19e9fb257/src/ocean/Ocean.sol#L522 https://github.com/code-423n4/2023-11-shellprotocol/blob/485de7383cdf88284ee6bcf2926fb7c19e9fb257/src/ocean/Ocean.sol#L757
Vulnerability details
Impact
User can use more wrapped tokens than they own.
Proof of Concept
When wrapped tokens are used by an Adaptor or Primitive through
_computeOutputAmount
, it does not check if the user has enough tokens. Therefore, when calling_computeOutputAmount
, you need to check that the user ownsinputAmount
ofinputTokens
.Normally, the balance is checked by ERC1155 burn, but in the case of
_doMultipleInteractions
, the delta is calculated during processing multiple interactions, and then mint/burn at the end.Therefore, if user spends more wrapped tokens than the user acturally has, and then return the same amount of tokens, delta would be zero and there no burn will accurs.
This means that all wrapped tokens can be stolen in a flashloan-like style for 1 tx. Users can earn profit by similar way with flashloan, except not lending but using stolen token.
User needs to make delta zero to avoid burning ERC1155, so the stolen tokens must be returned. As a result, there is no loss of tokens in the protocol.
However, Ocean is a ledger service, not a lending service. The fact that users can spend more tokens than they own is a critical issue for this service.
This is a PoC test code. First, define this PoC contract at the top of the TestCurve2PoolAdapter.t.sol file.
Then add the following function to the TestCurve2PoolAdapter contract in the TestCurve2PoolAdapter.t.sol file and run it.
Tools Used
Manual Review
Recommended Mitigation Steps
Check balance of user before spending token.
Assessed type
Invalid Validation