code-423n4 / 2024-02-uniswap-foundation-findings


Front-Running Vulnerability in Reward Distribution Allowing Extraction of Miner-Extractable Value (MEV) #194

Closed c4-bot-5 closed 7 months ago

c4-bot-5 commented 7 months ago

Lines of code

https://github.com/code-423n4/2024-02-uniswap-foundation/blob/main/src/UniStaker.sol#L753-L756

Vulnerability details

Impact

The identified vulnerability stems from the potential for an attacker to engage in front-running within the _checkpointGlobalReward function of the staking contract. By monitoring the blockchain for transactions calling the receiveRewards function and placing a high gas fee transaction to deposit a substantial amount of tokens just before the receiveRewards transaction is confirmed, the attacker can manipulate the rewardPerTokenAccumulatedCheckpoint and lastCheckpointTime to reflect the inflated token amount. Consequently, when the receiveRewards transaction is processed, rewards are calculated and distributed based on this inflated stake, allowing the attacker to claim a disproportionate share of the rewards upon withdrawal. This manipulation effectively allows the attacker to extract miner-extractable value (MEV) and constitutes theft of unclaimed yield, severely impacting the fairness of reward distribution and resulting in financial losses for honest stakers.

Proof of Concept

https://github.com/code-423n4/2024-02-uniswap-foundation/blob/main/src/UniStaker.sol#L753-L756

Tools Used

Recommended Mitigation Steps

Finding Recommendation: To address this vulnerability and prevent front-running attacks on the rewards distribution mechanism, it is recommended to implement safeguards such as:

  1. Implementing a delay or lockup period before rewards can be claimed after a deposit is made to prevent attackers from quickly withdrawing their funds and rewards.
  2. Implementing a cap on the amount of rewards that can be claimed based on the duration of staking, to prevent disproportionately large rewards for short staking periods.
  3. Using secure timestamping techniques or oracle verification to ensure the accuracy of reward calculations and prevent manipulation of timing.
  4. Auditing the contract code to identify and address any other potential vulnerabilities that could be exploited in a similar manner.

By implementing these safeguards, the contract can mitigate the risk of MEV extraction through front-running attacks and ensure a fair distribution of rewards to all stakers.

Assessed type

MEV
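An added example, not part of the submission and not UniStaker's code: a small Python model of a checkpointed reward-per-token accumulator, used to measure what a deposit made just ahead of a reward notification is paid when it exits after a given holding time. It assumes notified rewards stream linearly over a fixed duration; the class, method names, amounts and durations are all constructed for illustration.

```python
from fractions import Fraction

class StreamingStaker:
    """Generic checkpointed accumulator (constructed model, not the audited contract)."""
    def __init__(self, duration):
        self.duration = duration              # seconds a notified reward streams over
        self.now = self.last = self.end = 0   # clock, last checkpoint, stream end
        self.total = 0
        self.rate = Fraction(0)               # reward tokens per second
        self.rpt = Fraction(0)                # reward-per-token accumulator
        self.stake, self.paid, self.owed = {}, {}, {}

    def _checkpoint(self, user=None):
        upto = min(self.now, self.end)        # rewards only accrue while a stream runs
        if upto > self.last:
            if self.total:
                self.rpt += self.rate * (upto - self.last) / self.total
            self.last = upto
        if user is not None:
            earned = self.stake.get(user, 0) * (self.rpt - self.paid.get(user, 0))
            self.owed[user] = self.owed.get(user, 0) + earned
            self.paid[user] = self.rpt

    def warp(self, seconds):
        self.now += seconds

    def deposit(self, user, amount):
        self._checkpoint(user)
        self.stake[user] = self.stake.get(user, 0) + amount
        self.total += amount

    def notify(self, amount):
        self._checkpoint()
        leftover = self.rate * max(self.end - self.now, 0)
        self.rate = (Fraction(amount) + leftover) / self.duration
        self.end, self.last = self.now + self.duration, self.now

    def exit(self, user):
        self._checkpoint(user)
        self.total -= self.stake.pop(user, 0)
        return self.owed.pop(user, 0)

def late_depositor_take(duration, hold_seconds, honest=1_000, late=9_000, reward=3_000):
    """Reward paid to a deposit that lands immediately before notify()."""
    s = StreamingStaker(duration)
    s.deposit("honest", honest)
    s.warp(10_000)                 # honest staker is already in place
    s.deposit("late", late)        # ordered just ahead of the notification
    s.notify(reward)
    s.warp(hold_seconds)
    return s.exit("late")
```

In this model the payout depends on how long the late stake is held relative to the streaming duration, which is the quantity a proof of concept for this finding would need to show against the real contract.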

c4-judge commented 7 months ago

MarioPoneder marked the issue as unsatisfactory: Insufficient proof