c4-submissions commented 10 months ago

Lines of code

https://github.com/code-423n4/2023-11-zetachain/blob/2834e3f85b2c7774e97413936018a0814c57d860/repos/protocol-contracts/contracts/evm/tools/ZetaTokenConsumerUniV2.strategy.sol#L34

Vulnerability details

Impact

Without a deadline check, attackers can exploit the lack of time constraints, allowing them to observe transactions in the mempool and opportunistically submit their transactions with higher gas fees to get prioritized. In the context of automated market makers (AMMs) like Uniswap, this could lead to attackers getting more favorable swap rates at the expense of legitimate users. Users executing swaps might experience unexpected behavior if the transaction execution occurs at a time different from what they intended. This lack of predictability can erode user trust in the functionality of the smart contract.

Proof of Concept

Missing the deadline check exposes Alice to the risk of front-running by Mallory. Mallory exploits the absence of a time constraint, manipulating the transaction order and securing a better rate for the ZetaToken. As a result, Alice experiences a less advantageous outcome than she initially anticipated.

Scenario:

Alice decides to swap 1 ETH for ZetaToken using a Zetachain with the following parameters:

*Source Token: 1 ETH Destination Token: ZetaToken Minimum Amount Out: Specified by Alice Destination Address: Alice's wallet address***

Alice Initiates Swap:

Alice creates a transaction to swap 1 ETH for ZetaToken. She specifies her wallet address as the destination to receive ZetaToken.

No Deadline Check:

The smart contract lacks a deadline check, allowing transactions to be processed without a time constraint.

Mallory's Front-Running Attack:

Mallory, a malicious actor, monitors pending transactions on the network. Seeing Alice's transaction without a deadline, Mallory quickly submits a transaction with a higher gas fee, front-running Alice's swaps

Priority for Mallory:

Miners prioritize transactions with higher gas fees, and Mallory's transaction gets picked up first due to the elevated gas fee.

Unfavorable Outcome for Alice:

Mallory's transaction executes at a more favorable rate for ZetaToken due to the front-running advantage. Alice's swap, now processed at a different rate, results in her receiving fewer ZetaTokens than expected.

This scenario emphasizes the importance of implementing a deadline check in smart contracts handling token swaps. By enforcing a reasonable deadline, developers can mitigate the risk of front-running attacks, providing users like Alice with a more secure and predictable trading experience.

Tools Used

Github, Manual review

Recommended Mitigation Steps

Implementing a robust deadline check is crucial to mitigating these risks. The smart contract should ensure that the provided deadline is in the future, providing a reasonable window for transaction execution. Additionally, users should be educated about the importance of setting realistic deadlines to align with their trading expectations

Assessed type

Timing

c4-pre-sort commented 10 months ago

DadeKuma marked the issue as insufficient quality report

c4-pre-sort commented 10 months ago

DadeKuma marked the issue as duplicate of #122

c4-judge commented 9 months ago

0xean changed the severity to QA (Quality Assurance)