Closed c4-bot-9 closed 10 months ago
raymondfam marked the issue as sufficient quality report
raymondfam marked the issue as duplicate of #26
raymondfam marked the issue as duplicate of #397
MarioPoneder changed the severity to 2 (Med Risk)
MarioPoneder marked the issue as satisfactory
Lines of code
https://github.com/code-423n4/2023-12-revolutionprotocol/blob/main/packages/revolution/src/ERC20TokenEmitter.sol#L152-L230
https://github.com/code-423n4/2023-12-revolutionprotocol/blob/main/packages/revolution/src/ERC20TokenEmitter.sol#L254-L264
Vulnerability details
Impact
The buyToken function can be called by anyone. An attacker can call it to front-run the transaction of an honest user who is trying to buy ERC20 tokens and increase the VRGDA price, so that when the user's transaction goes through he is minted fewer ERC20 tokens than intended for the ether he provided.
Proof of Concept
The issue occurs in the buyToken method shown below:
As can be seen from the code above, when buyToken is called it internally invokes the getTokenQuoteForEther function to find out the amount of ERC20 tokens to be minted for the given ETH amount. getTokenQuoteForEther under the hood calls the VRGDAC yToX method to get the current amount of ERC20 tokens that would be emitted for an amount of wei:
Because the amount of ERC20 tokens to be minted depends on the amount already minted and the emission time, an attacker can front-run an honest user's call to buyToken to mint a certain amount of ERC20 tokens, and when the user's transaction goes through he will be minted fewer ERC20 tokens than intended, as the attacker has changed the price of the VRGDAC. This attack is similar to the slippage that can occur in swap operations in decentralized AMMs.
To illustrate this issue, let's take this example:
Bob calls buyToken to mint an amount of ERC20 tokens, providing msg.value = 1 ether and expecting to get the correct amount of ERC20 tokens based on the current price.
Alice sees Bob's transaction and wants to grief him, so she calls buyToken before him (front-run) and mints a certain amount of ERC20 tokens.
After Alice's tx goes through, the ERC20 emitted amount has changed (increased) and thus the VRGDAC price has also changed (increased).
When Bob's tx is processed, he receives fewer ERC20 tokens for his provided ether amount because getTokenQuoteForEther uses in its calculation the current ERC20 emitted amount emittedTokenWad, which was increased by Alice's transaction.
Thus Alice has succeeded in griefing Bob and forced him to take a loss on his ETH amount.
Tools Used
Manual review
Recommended Mitigation Steps
To avoid this issue, an additional slippage parameter should be included in the buyToken function which allows the caller to set the minimum amount of ERC20 tokens that he expects to receive.
Assessed type
Context
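The minimum-output check recommended above, sketched as an added example (not code from the report or from the Revolution Protocol repository). ToyEmitter, buyTokenWithMinOut, minTokensOut and the linear price curve with its constants are assumptions standing in for the real emitter and the VRGDAC quote.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration only: a toy emitter, not the project's ERC20TokenEmitter.
/// The linear price curve is a stand-in for the VRGDAC quote (assumption).
contract ToyEmitter {
    uint256 public emittedTokenWad;             // tokens sold so far, 18 decimals
    uint256 public constant BASE_PRICE = 1e15;  // wei per whole token at zero supply (constructed)
    uint256 public constant PRICE_STEP = 1e12;  // wei added to the price per whole token sold (constructed)
    mapping(address => uint256) public balanceOf;

    error SlippageExceeded(uint256 quoted, uint256 minTokensOut);

    /// Quote at the current spot price. It shrinks as emittedTokenWad grows,
    /// which is the property the report relies on.
    function getTokenQuoteForEther(uint256 etherAmount) public view returns (uint256) {
        uint256 price = BASE_PRICE + (PRICE_STEP * emittedTokenWad) / 1e18;
        return (etherAmount * 1e18) / price;
    }

    /// Hypothetical variant of buyToken with the caller-supplied floor the
    /// report recommends. The buyer derives minTokensOut off-chain from
    /// getTokenQuoteForEther minus the tolerance he accepts.
    function buyTokenWithMinOut(uint256 minTokensOut) external payable returns (uint256 tokens) {
        require(msg.value > 0, "no ether sent");
        tokens = getTokenQuoteForEther(msg.value);
        // If an earlier transaction moved the price, revert instead of
        // minting fewer tokens than the buyer agreed to.
        if (tokens < minTokensOut) revert SlippageExceeded(tokens, minTokensOut);
        emittedTokenWad += tokens;
        balanceOf[msg.sender] += tokens;
    }
}
```

With these constructed constants, 1 ether buys 1000 tokens at zero supply but only 500 once another 1 ether purchase has landed first, so a buyer who passed a minTokensOut of 990e18 gets a revert and keeps his ether.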