code-423n4 / 2024-03-saltyio-mitigation-findings

M-27 MitigationConfirmed #109

Open c4-bot-1 opened 7 months ago

c4-bot-1 commented 7 months ago

Lines of code

Vulnerability details

C4 Issue

https://github.com/code-423n4/2024-01-salty-findings/issues/222

Comments

The issue describes how an attacker can exploit the liquidity valuation mechanism in Salty by manipulating the reserve ratio of a pool to artificially inflate the value of a liquidity position, enabling them to take out an undercollateralized USDS loan. This is done by performing a swap that significantly alters the pool's reserve ratio, diverging from the "correct" ratio that matches the oracle-provided values of the tokens. Despite the aggregated oracle being difficult to manipulate directly, altering the token ratio in a Uniswap V2 style pool increases the USD-denominated value of the liquidity position due to the mechanics of AMM arbitrage and slippage. This inflated value can then be used as collateral to borrow USDS, potentially leading to a scenario where the stablecoin becomes undercollateralized if the borrowed funds are not repaid.

Mitigation

https://github.com/othernet-global/salty-io/commit/8e3231d3f444e9851881d642d6dd03021fade5ed

The mitigation for this issue revolved around the deprecation of a number of key components, including the removal of the overcollateralized USDS stablecoin framework, which also meant that the concept of borrowing USDS no longer exists.

Conclusion

LGTM
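A worked illustration of the valuation flaw described in the finding above, added here as an example and not part of the original issue or the Salty code: a constructed, fee-less Uniswap V2 style pool is valued two ways, by pricing the actual reserves at oracle prices (the manipulable approach) and by the reserve-independent fair value 2*sqrt(k*p0*p1), which a single swap cannot move. The reserves, oracle prices and swap size are made-up numbers, and the absence of a swap fee is an assumption chosen to keep the arithmetic exact.

```python
from dataclasses import dataclass
from math import sqrt


@dataclass
class Pool:
    """Constructed Uniswap V2 style pool: two reserves, constant product k."""
    reserve0: float  # e.g. WETH
    reserve1: float  # e.g. USDC

    def swap0_for_1(self, amount0_in: float) -> float:
        """Fee-less constant-product swap (assumption: no LP fee)."""
        k = self.reserve0 * self.reserve1
        new_reserve0 = self.reserve0 + amount0_in
        new_reserve1 = k / new_reserve0
        amount1_out = self.reserve1 - new_reserve1
        self.reserve0, self.reserve1 = new_reserve0, new_reserve1
        return amount1_out


def naive_value(pool: Pool, price0: float, price1: float) -> float:
    """Manipulable: price whatever the pool currently holds at oracle prices.
    By AM-GM this is minimal only when reserve0*price0 == reserve1*price1,
    so any imbalance created by a swap raises it."""
    return pool.reserve0 * price0 + pool.reserve1 * price1


def fair_value(pool: Pool, price0: float, price1: float) -> float:
    """Reserve-ratio-independent: value the pool as if arbitraged to the
    oracle ratio. Depends only on k and the oracle prices."""
    k = pool.reserve0 * pool.reserve1
    return 2.0 * sqrt(k * price0 * price1)


def demo() -> dict:
    """Value the whole pool before and after a single large swap.
    A liquidity position's value is simply its share of these totals."""
    price0, price1 = 2000.0, 1.0          # constructed oracle prices
    pool = Pool(100.0, 200_000.0)         # balanced: 100*2000 == 200000*1
    before = (naive_value(pool, price0, price1), fair_value(pool, price0, price1))
    pool.swap0_for_1(100.0)               # dump 100 token0 into the pool
    after = (naive_value(pool, price0, price1), fair_value(pool, price0, price1))
    return {"naive_before": before[0], "fair_before": before[1],
            "naive_after": after[0], "fair_after": after[1]}


if __name__ == "__main__":
    print(demo())
```

With these numbers the naive valuation jumps from 400,000 to 500,000 after one swap, while the fair valuation stays at 400,000, which is why collateral checks must not price raw reserves at oracle rates.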

c4-judge commented 6 months ago

Picodes marked the issue as satisfactory

c4-judge commented 6 months ago

Picodes marked the issue as confirmed for report