code-423n4 / 2024-02-wise-lending-findings


A position can have a token registered in lending tokens list with 0 amount deposited #235

Closed c4-bot-1 closed 5 months ago

c4-bot-1 commented 5 months ago

Lines of code

https://github.com/code-423n4/2024-02-wise-lending/blob/main/contracts/WiseSecurity/WiseSecurity.sol#L1100-L1102

Vulnerability details

Impact

When a deposit of tokens is executed, a check inside WiseSecurity is executed in order to ensure a minimum amount.

    function _checkMinDepositValue(
        address _token,
        uint256 _amount
    )
        private
        view
        returns (bool)
    {
        if (minDepositEthValue == ONE_WEI) {
            return true;
        }

        if (_getTokensInEth(_token, _amount) < minDepositEthValue) {
            revert DepositAmountTooSmall();
        }

        return true;
    }

We can notice here that when the minDepositEthValue is 1 wei, the check returns true regardless of the amount deposited. Hence, if the amount deposited is 0 the function call will not revert. In the case of normal deposits, the amount of shares to mint is also checked to be above minimum, but for solely deposits, if a user selects 0 amount of tokens to deposit, he will register the token in his lending list without having any amount of this token deposited.

This error breaks the invariant of the lending token list that it only has active tokens with an amount greater than 0.

This vulnerability could be used to intentionally make a liquidator spend way more gas than required to liquidate his position.

Tools Used

Manual review

Recommended Mitigation Steps

Check if the amount deposited is greater than or equal to 1 when minDepositEthValue is set to 1 wei.

    function _checkMinDepositValue(
        address _token,
        uint256 _amount
    )
        private
        view
        returns (bool)
    {
        if (minDepositEthValue == ONE_WEI && _amount == 0) {
            revert DepositAmountTooSmall();
        }

        if (_getTokensInEth(_token, _amount) < minDepositEthValue) {
            revert DepositAmountTooSmall();
        }

        return true;
    }

Assessed type

Error
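The following simplified model is an added example, not part of the report and not WiseLending code: it places the original and the recommended check side by side and expresses the lending-list invariant as a function. The storage layout, the 1:1 pricing stub, `modelDeposit` and `invariantHolds` are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Simplified model, not WiseLending code. Storage layout, pricing and the
// deposit entry point are assumptions; only the two checks mirror the report.
contract MinDepositModel {
    error DepositAmountTooSmall();

    uint256 constant ONE_WEI = 1;
    uint256 public minDepositEthValue = ONE_WEI;

    mapping(uint256 => address[]) public lendingTokens;              // per-position list
    mapping(uint256 => mapping(address => uint256)) public balance;  // per-position amount
    mapping(uint256 => mapping(address => bool)) registered;

    // Assumption: 1 token unit == 1 wei, standing in for the oracle.
    function _getTokensInEth(address, uint256 _amount) private pure returns (uint256) {
        return _amount;
    }

    function _checkOriginal(address _token, uint256 _amount) private view {
        if (minDepositEthValue == ONE_WEI) return;      // amount 0 passes here
        if (_getTokensInEth(_token, _amount) < minDepositEthValue) revert DepositAmountTooSmall();
    }

    function _checkPatched(address _token, uint256 _amount) private view {
        if (minDepositEthValue == ONE_WEI && _amount == 0) revert DepositAmountTooSmall();
        if (_getTokensInEth(_token, _amount) < minDepositEthValue) revert DepositAmountTooSmall();
    }

    // Hypothetical stand-in for a "solely" deposit: no share-amount check.
    function modelDeposit(uint256 _nftId, address _token, uint256 _amount, bool _patched) external {
        if (_patched) _checkPatched(_token, _amount); else _checkOriginal(_token, _amount);
        if (!registered[_nftId][_token]) {
            registered[_nftId][_token] = true;
            lendingTokens[_nftId].push(_token);
        }
        balance[_nftId][_token] += _amount;
    }

    // Invariant from the report: every listed token has a balance > 0.
    function invariantHolds(uint256 _nftId) external view returns (bool) {
        address[] storage list = lendingTokens[_nftId];
        for (uint256 i = 0; i < list.length; i++) {
            if (balance[_nftId][list[i]] == 0) return false;
        }
        return true;
    }
}
```

In this model, `modelDeposit(1, token, 0, false)` succeeds and leaves `invariantHolds(1)` returning false, while the same call with `_patched` set to true reverts with `DepositAmountTooSmall`.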

c4-pre-sort commented 5 months ago

GalloDaSballo marked the issue as sufficient quality report

GalloDaSballo commented 5 months ago

Worth checking but this may miss other parts of other reports that talk about adding empty positions to prevent liquidations

c4-pre-sort commented 5 months ago

GalloDaSballo marked the issue as primary issue

trust1995 commented 5 months ago

The impact has not been developed enough, and it would be appropriate to introduce the components which would affect the "excessive gas spending" on liquidation. This is not to say the finding is invalid, but it is of insufficient quality for rewards.

c4-judge commented 5 months ago

trust1995 marked the issue as unsatisfactory: Insufficient proof