c4-judge
commented
5 months ago alcueca marked the issue as not a duplicate
Closed howlbot-integration[bot] closed 5 months ago
c4-judge
commented
5 months ago alcueca marked the issue as not a duplicate
c4-judge
commented
5 months ago alcueca marked the issue as duplicate of #326
c4-judge
commented
5 months ago alcueca marked the issue as satisfactory
Lines of code
https://github.com/code-423n4/2024-04-renzo/blob/519e518f2d8dec9acf6482b84a181e403070d22d/contracts/Withdraw/WithdrawQueue.sol#L229
Vulnerability details
Impact
Holders of wBETH and other tokens that will be accepted by Renzo can compensate for their losses resulting from price drop (e.g. slashing) using the funds of Renzo users. Very quickly after this system weakness will be discovered by the first attacker, it can be automated and exploited by bots as an arbitrage opportunity creating a growing loss for Renzo depositors.
Proof of Concept
Renzo creates a system that allows for restaking various tokens and receive their Liquid Restaking Token (LRT) EzETH in return. Example ERC20 used by the protocol ezETH, stETH, wBETH.
Users depositing their funds into Renzo are encouraged by the rewards of staking and re-staking through EigenLayer, but they also bear the risk of penalties and slashing of their deposited funds.
However, in case of wBETH, the 3rd party users who are not associated in any way with Renzo ecosystem can take advantage of such LRT and make Renzo users bear their losses.
Keeping in mind these things:
Consider the following scenario (values used for ease of calculation and to illustrate the attack, real values will be presented later in this description):
200 ETH is deposited inside Renzo by users and 200 ezETH were minted.
The attacker (wBETH staker) has 100 wBETH (price is e.g. 1 wBETH = 2 ETH, their wBETH is worth 200 ETH)
The attacker knows through monitoring slashing events and big withdrawalas that price will drop soon.
The attacker deposit their 100 wBETH to Renzo to get 200 ezETH (as current price is still 1 wBETH = 2 ETH)
Total value locked on Renzo will increase from 200 ETH to 400 ETH (200 eth and 100 wBETH). Users posses 200 ezETH, Attacker posses 200 ezETH.
Total value locked on Renzo will decrease from 400 ETH to 300 ETH (as 100 wBETH is now worth only 100 ETH). That causes value drop for ezETH value (1 ezETH = 0,75 ETH).
Attacker gets 200 wBETH back (current price is 100 ETH) and additional 50 ETH.
Attacker buys additional wBETH for their additional 50 ETH, so know they have 250 wBETH (from another source, outside protocol)
Now price recover, so its again 1 wBETH = 2 ETH.
Attacker now have 250 wBETH worth 500 ETH, and Renzo users have 150 ETH (lost 50 ETH, as attacker delegeted their risk to Renzo users).
However, the price will not drop by 50%. The real numbers could be up to 10%.
wBETH (https://coinmarketcap.com/currencies/wrapped-beacon-eth/) there are price drops (https://coinmarketcap.com/currencies/wrapped-beacon-eth/historical-data/)
Looking also at 2 examples of similar assets to those that are considered (cbETH and wstETH) we can observe the following:
cbETH (https://coinmarketcap.com/currencies/coinbase-wrapped-staked-eth/) there are price drops, based on data from last 365 days the biggest percentage drop in price occurred on March 11, 2023, with a drop of approximately 8.25% (https://coinmarketcap.com/currencies/coinbase-wrapped-staked-eth/historical-data/)
wstETH (https://coinmarketcap.com/currencies/lido-finance-wsteth/) there are price drops, based on data from last 365 days the biggest percentage drop in price occurred also on March 11, 2023, with a drop of approximately 9.28% (https://coinmarketcap.com/currencies/lido-finance-wsteth/historical-data/)
Tools Used
Manual Review
Recommended Mitigation Steps
Set a minimum period for the user between their deposit and withdrawal so that they cannot take advantage of price fluctuations. Right know, their redeem amount is calculted as soon as withdraw is called.
Assessed type
Other