code-423n4 / 2023-12-ethereumcreditguild-findings


Failure to reference credit multiplier in SurplusGuildMinter staking results in guild voting power obtained from staking requiring less underlying value #275

Closed c4-bot-1 closed 8 months ago

c4-bot-1 commented 9 months ago

Lines of code

https://github.com/code-423n4/2023-12-ethereumcreditguild/blob/2376d9af792584e3d15ec9c32578daa33bb56b43/src/loan/SurplusGuildMinter.sol#L24

Vulnerability details

Impact

Credit multiplier changes are not reflected in the effective cost of Guild voting power in the SurplusGuildMinter. This disincentivizes long-term staking and reduces the inherent value of Guild.

Proof of Concept

Unlike other contracts in the system, SurplusGuildMinter doesn't reference the Credit multiplier to value Credit as used with the protocol. Instead, it simply uses the mintRatio to define an amount of Guild voting power to receive per Credit staked.

The result is that the same amount of Guild voting power can be achieved with a decreasing amount of underlying peg token over time as the multiplier decreases.

The value of Guild is based upon its voting power. Since it costs less underlying tokens to get the same amount of Guild voting power over time, the inherent value of Guild decreases as the Credit multiplier decreases.

Tools Used

Recommended Mitigation Steps

Reference the Credit multiplier in computing the amount of Guild voting power to receive when staking a given amount of Credit.

Assessed type

Other
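The drift described in the report can be made concrete with a small integer-arithmetic model. This is an added illustration, not code from the Ethereum Credit Guild repository: the two formulas below are assumptions that simplify the SurplusGuildMinter's staking math (`guild = credit * mintRatio / 1e18` for the reported behaviour, and a variant that first converts the staked CREDIT into peg-token value through `creditMultiplier`, as the mitigation suggests). The multiplier sequence is constructed to stand in for successive bad-debt events.

```python
"""Model of the cost, in peg-token value, of one unit of GUILD voting power
obtained by staking CREDIT, with and without the credit multiplier factored in.

Added example for the finding above; assumed, simplified formulas, not the
project's own contract code. All quantities are WAD-scaled (1e18) integers,
mirroring Solidity fixed-point arithmetic.
"""

WAD = 10**18


def guild_for_stake_unadjusted(credit_amount: int, mint_ratio: int) -> int:
    """GUILD minted for a CREDIT stake using mintRatio only.

    Assumed to mirror the behaviour the report describes: the credit
    multiplier plays no part, so the GUILD received depends only on the
    nominal CREDIT amount.
    """
    return credit_amount * mint_ratio // WAD


def guild_for_stake_adjusted(credit_amount: int, mint_ratio: int,
                             credit_multiplier: int) -> int:
    """Mitigated variant: value the stake in peg-token terms first, then apply
    mintRatio to that underlying value."""
    underlying = credit_amount * credit_multiplier // WAD
    return underlying * mint_ratio // WAD


def underlying_value(credit_amount: int, credit_multiplier: int) -> int:
    """Peg-token value represented by a CREDIT amount at the current multiplier."""
    return credit_amount * credit_multiplier // WAD


def underlying_per_guild(guild_amount: int, credit_amount: int,
                         credit_multiplier: int) -> int:
    """Peg-token value spent per unit of GUILD voting power (WAD-scaled)."""
    return underlying_value(credit_amount, credit_multiplier) * WAD // guild_amount


def cost_over_time(credit_amount: int, mint_ratio: int,
                   multipliers: list[int], adjusted: bool) -> list[int]:
    """Cost of one GUILD for the same nominal CREDIT stake at each multiplier.

    `multipliers` is a constructed sequence standing in for successive
    bad-debt events that lower creditMultiplier; the staker's nominal CREDIT
    amount is held fixed so the drift in underlying cost is isolated.
    """
    costs = []
    for mult in multipliers:
        if adjusted:
            guild = guild_for_stake_adjusted(credit_amount, mint_ratio, mult)
        else:
            guild = guild_for_stake_unadjusted(credit_amount, mint_ratio)
        costs.append(underlying_per_guild(guild, credit_amount, mult))
    return costs


def is_cost_stable(costs: list[int]) -> bool:
    """True when the underlying cost of GUILD is invariant across multiplier
    changes, which is the property the mitigation is meant to restore."""
    return len(set(costs)) == 1


if __name__ == "__main__":
    stake = 1000 * WAD          # constructed: 1000 CREDIT staked
    mint_ratio = 2 * WAD        # constructed: 2 GUILD per unit of value
    multipliers = [WAD, 9 * WAD // 10, WAD // 2]   # 1.0, 0.9, 0.5

    for label, adj in (("mintRatio only", False), ("with multiplier", True)):
        costs = cost_over_time(stake, mint_ratio, multipliers, adjusted=adj)
        print(f"{label}: underlying per GUILD = "
              f"{[c / WAD for c in costs]} stable={is_cost_stable(costs)}")
```

With the unadjusted formula the same 1000 CREDIT keep buying 2000 GUILD while their peg-token value halves, so the underlying cost per GUILD falls from 0.5 to 0.25; with the multiplier applied first the cost stays at 0.5 throughout. The `is_cost_stable` check is the invariant a reviewer or test suite can assert on when evaluating either the contract change or the governance-driven parameter updates the sponsor mentions.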

c4-pre-sort commented 8 months ago

0xSorryNotSorry marked the issue as sufficient quality report

c4-pre-sort commented 8 months ago

0xSorryNotSorry marked the issue as primary issue

eswak commented 8 months ago

Acknowledging this and suggesting we decrease to Low; there won't be any mitigation, as governance is expected to propose parameter updates regularly (such as SGM mint and reward ratio, veto for quorums, etc.) as the protocol lives and creditMultiplier changes or more GUILD enters circulation.

c4-sponsor commented 8 months ago

eswak marked the issue as disagree with severity

c4-sponsor commented 8 months ago

eswak (sponsor) acknowledged

c4-judge commented 8 months ago

Trumpero changed the severity to QA (Quality Assurance)

c4-judge commented 8 months ago

Trumpero marked the issue as grade-a

c4-judge commented 8 months ago

Trumpero marked the issue as grade-c