Open c4-bot-3 opened 8 months ago
bytes032 marked the issue as primary issue
bytes032 marked the issue as sufficient quality report
Note for judge re dup #109
Even though both of them are about anyone being able to deposit to any trove, #109 talked about a different case, where the threshold of a trove depends on which yangs it deposited.
For #115, it is Acknowledge + Disagree with severity because the likelihood of this happening is low.
For #109, it is Confirm.
tserg (sponsor) acknowledged
tserg marked the issue as disagree with severity
The Warden has demonstrated how bad debt re-allocation can be "gamed" due to the permissionless deposit system of troves.
This particular attack vector is quite interesting and I commend the Warden for their out-of-the-box thinking. I believe a medium-risk grade, however, is better suited for it given that the likelihood of a liquidation of a trove with an asset that is not held by any other trove in the system is low.
alex-ppg changed the severity to 2 (Med Risk)
alex-ppg marked the issue as satisfactory
alex-ppg marked the issue as selected for report
Lines of code
https://github.com/code-423n4/2024-01-opus/blob/04583e0411dbf8027952d668a8678fda0cb5b160/src/core/abbot.cairo#L191-L200
Vulnerability details
Impact
In a redistribution, the unhealthy trove's collateral and debt are distributed among troves proportionally to its collateral composition. If no other trove has deposited a yang that is to be redistributed, then the debt and value attributed to that yang will be redistributed among all other yangs in the system according to their value proportionally to the total value of all remaining yangs in the system.
However, the Opus protocol allows anyone to deposit into any trove, even if they are not the trove's owner, as seen in the function abbot.deposit(). This feature could potentially be exploited by an attacker. For instance, if a yang is only deposited in one trove that's being redistributed, the attacker could deposit a small amount into a victim's trove. This could result in all bad debt being redistributed to the victim's trove instead of exceptional redistribution, even if the victim didn't want this (i.e., they didn't deposit this yang into their trove).
Proof of Concept
Consider the following scenario:
Tools Used
Manual Review
Recommended Mitigation Steps
Limit deposits to only the trove's owner.
Assessed type
Other
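A simplified model of the redistribution rule described under Impact and of the recommended owner-only deposit check, as an added example that is not part of the original report or the Opus code base. The trove data, prices, names and function signatures are constructed assumptions, and the real protocol's accounting is more involved than this pro-rata model.

```python
from fractions import Fraction

# Constructed sample prices; RARE stands for a yang held by only one trove.
PRICES = {"ETH": Fraction(2000), "WBTC": Fraction(40000), "RARE": Fraction(10)}

def make_troves():
    """Constructed state: trove 3 is the unhealthy trove, sole holder of RARE."""
    return {
        1: {"owner": "alice", "yangs": {"ETH": Fraction(10)}, "debt": Fraction(0)},
        2: {"owner": "bob", "yangs": {"WBTC": Fraction(1)}, "debt": Fraction(0)},
        3: {"owner": "carol", "yangs": {"RARE": Fraction(1000)}, "debt": Fraction(8000)},
    }

def deposit(troves, caller, trove_id, yang, amount, owner_only=False):
    """Deposit into a trove; owner_only=True models the recommended mitigation."""
    trove = troves[trove_id]
    if owner_only and caller != trove["owner"]:
        raise PermissionError("only the trove owner may deposit")
    trove["yangs"][yang] = trove["yangs"].get(yang, Fraction(0)) + amount

def value(trove, yang=None):
    """Value of one yang in a trove, or of the whole trove when yang is None."""
    return sum(a * PRICES[y] for y, a in trove["yangs"].items() if yang in (None, y))

def redistribute(troves, bad_id):
    """Return {trove_id: debt received} when trove bad_id is redistributed."""
    bad = troves[bad_id]
    others = {i: t for i, t in troves.items() if i != bad_id}
    received = {i: Fraction(0) for i in others}
    for yang in bad["yangs"]:
        # Debt attributed to this yang by its share of the unhealthy trove's value.
        yang_debt = bad["debt"] * value(bad, yang) / value(bad)
        holders = {i: t["yangs"].get(yang, Fraction(0)) for i, t in others.items()}
        total = sum(holders.values())
        if total > 0:
            # Ordinary case: pro rata to other troves that hold this yang.
            shares = {i: amt / total for i, amt in holders.items()}
        else:
            # Exceptional case: pro rata to the value of all remaining yangs.
            total_value = sum(value(t) for t in others.values())
            shares = {i: value(t) / total_value for i, t in others.items()}
        for i, share in shares.items():
            received[i] += yang_debt * share
    return received
```

With no other RARE holder the 8000 of debt is split by trove value across troves 1 and 2; once any non-zero RARE balance exists in trove 1, the ordinary branch assigns all of it to that trove, which the owner-only check prevents for third-party callers.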