code-423n4 / 2024-02-tapioca-findings


The attacker can exercise the TAP option twice by just locking their position for slightly more than one week #148

Closed c4-bot-9 closed 6 months ago

c4-bot-9 commented 6 months ago

Lines of code

https://github.com/Tapioca-DAO/tap-token/blob/20a83b1d2d5577653610a6c3879dff9df4968345/contracts/options/TapiocaOptionBroker.sol#L512-L514

https://github.com/Tapioca-DAO/tap-token/blob/20a83b1d2d5577653610a6c3879dff9df4968345/contracts/options/TapiocaOptionBroker.sol#L318-L320

https://github.com/Tapioca-DAO/tap-token/blob/20a83b1d2d5577653610a6c3879dff9df4968345/contracts/options/TapiocaOptionBroker.sol#L369-L370

Vulnerability details

Description

Both timestamp and epoch logic are utilized within the TapiocaOptionBroker contract to determine if a position is active:

function _timestampToWeek(uint256 timestamp) internal view returns (uint256) {
    return ((timestamp - emissionsStartTime) / EPOCH_DURATION);
}

Additionally, the epoch storage value can be incremented by 1 when a week has passed by invoking the newEpoch() function. This function is open for anyone to call, enabling an attacker to exploit the system by creating a lock position slightly longer than a week (e.g., lockDuration = WEEK + 100 seconds) and locking it near the end of an epoch to exercise the option for two weeks.

Consider the following scenario for the attacker's strategy:

  1. Assume emissionsStartTime = 0.
  2. At block.timestamp = EPOCH_DURATION - 10, the attacker calls participate() with a position duration of EPOCH_DURATION + 10.
  3. At block.timestamp = EPOCH_DURATION, the newEpoch() function is invoked, incrementing epoch to 1.
  4. At block.timestamp = 2 * EPOCH_DURATION - 10, a week after the attacker's participate() call, they execute exerciseOption() to obtain the first option.
  5. At block.timestamp = 3 * EPOCH_DURATION:
    • newEpoch() is invoked, advancing epoch to 2.
    • The attacker calls exerciseOption() to obtain the second option (valid since epoch = 3 = _timestampToWeek(lock.lockTime + lock.lockDuration)).
  6. The attacker calls exitPosition to exit their position.

As demonstrated, by locking their position for slightly more than a week, the attacker can acquire two options instead of one.

Impact

Tools Used

Manual review

Recommended Mitigation Steps

Ensure that for positions to participate in the option broker, they must be divisible by EPOCH_DURATION.

Assessed type

Timing
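The epoch arithmetic behind the report above, as an added Python model that is not part of the original submission or of the Tapioca code base. It shows how a lock that straddles an epoch boundary maps to more epoch indices than whole weeks locked, and how the recommended divisibility check removes the gap. The one-week EPOCH_DURATION value, the three eligibility rules in `exercisable_epochs`, and all function names other than the mirrored `_timestampToWeek` are assumptions.

```python
# Added model for review purposes; not TapiocaOptionBroker code.
EPOCH_DURATION = 7 * 24 * 60 * 60  # assumed: one week, in seconds
EMISSIONS_START_TIME = 0           # as in step 1 of the scenario


def timestamp_to_week(timestamp):
    """Mirror of _timestampToWeek() as quoted in the report."""
    return (timestamp - EMISSIONS_START_TIME) // EPOCH_DURATION


def exercisable_epochs(lock_time, lock_duration):
    """Epoch indices in which a position could be exercised.

    Assumptions taken from the scenario, not from the contract source:
      - the first exercise is possible one EPOCH_DURATION after lock_time;
      - the position stays valid while the current week is not past
        timestamp_to_week(lock_time + lock_duration);
      - at most one exercise per epoch index.
    """
    first = timestamp_to_week(lock_time + EPOCH_DURATION)
    last = timestamp_to_week(lock_time + lock_duration)
    return list(range(first, last + 1))


def excess_options(lock_time, lock_duration):
    """Exercisable epochs beyond the number of whole epochs locked."""
    whole_epochs = lock_duration // EPOCH_DURATION
    return len(exercisable_epochs(lock_time, lock_duration)) - whole_epochs


def duration_allowed(lock_duration):
    """Recommended mitigation: accept whole multiples of EPOCH_DURATION only."""
    return lock_duration > 0 and lock_duration % EPOCH_DURATION == 0


if __name__ == "__main__":
    # Constructed cases: (label, lock_time, lock_duration)
    cases = [
        ("boundary-straddling lock", EPOCH_DURATION - 10, EPOCH_DURATION + 10),
        ("same duration, epoch start", 0, EPOCH_DURATION + 10),
        ("one whole epoch", EPOCH_DURATION - 10, EPOCH_DURATION),
        ("two whole epochs", EPOCH_DURATION - 10, 2 * EPOCH_DURATION),
    ]
    for label, lock_time, duration in cases:
        print(label, exercisable_epochs(lock_time, duration),
              "excess:", excess_options(lock_time, duration),
              "allowed by mitigation:", duration_allowed(duration))
```

Under these assumptions, every duration that passes `duration_allowed` yields zero excess options regardless of when in the epoch the lock starts.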

c4-judge commented 6 months ago

dmvt marked the issue as primary issue

c4-judge commented 6 months ago

dmvt marked the issue as duplicate of #130

c4-judge commented 6 months ago

dmvt marked the issue as not a duplicate

c4-judge commented 6 months ago

dmvt marked the issue as duplicate of #131

c4-judge commented 6 months ago

dmvt marked the issue as satisfactory