Closed c4-bot-2 closed 5 months ago
No, that is actually as designed. It is not possible to borrow an infinite amount. If you look at the table, at one point the debt reaches the collateral value. But you can borrow a multiple of the initial value (that's why it is called leverage).
kalinbas (sponsor) disputed
Hi @kalinbas, thank you for your response. As I stated in the comment, the value of debt and collateral will slowly converge because of the multiple fees involved in the process of borrow -> increase liquidity. At that point, debt > collateral and the attacker cannot borrow anymore. However, the attacker can then buy a small amount of tokens himself from the market, increase his liquidity and thus increase his collateral value and continue.
What I want to demonstrate here is that the protocol has no control over the leverage limit, and this will eventually allow an attacker to borrow all the assets. In the POC, each time the attacker borrows 2 USDC, his collateral increases by 1.76 USDC, but this number might vary depending on the swap, the positions and other data, and allow the attacker to borrow even more.
I forgot to mention that at the end of the POC, due to the leftover during the swap, the attacker gains 1.4 USD in DAI tokens. Replace the loop with this to see the DAI balance:
for (uint i = 0; i < 35; i++) {
    // One leverageUp round through the vault: borrow, swap, add liquidity to the position
    vault.transform(TEST_NFT, address(transformer), abi.encodeCall(LeverageTransformer.leverageUp, (params2)));
    (debt,, collateralValue,,) = vault.loanInfo(TEST_NFT);
    console.log("Collateral %s: Debt %s", collateralValue, debt);
    // DAI held by the position owner after this round
    console.log("DAI balance %s", DAI.balanceOf(TEST_NFT_ACCOUNT));
}
I did not understand the vulnerability expressed by the warden, what I see is only how to utilize leverage, which is actually common in all lending markets.
I will temporarily mark this issue as invalid. If I missed anything, please remind me during the post-QA stage.
jhsagd76 marked the issue as unsatisfactory: Insufficient proof
Hi @jhsagd76, thank you for your response. You're correct that this is not an issue. My idea in this is that a user can repeat the loop of (borrow -> increase collateral -> borrow more) forever. This is possible if an attacker creates an NFT position with tickLower = MIN_TICK and tickUpper = MIN_TICK + tickSpacing.
For example:
collateralFactorX32 is at most 90%. If Alice borrows 1 USDC and makes her full value increase by 1 USDC, then her collateral will only increase at most by 0.9 USDC. In other words, if debt increases by 1 USDC then collateral increases at most by 0.9 USDC -> this is what makes the loop unable to continue forever.
In conclusion, this is not an issue, I just want to clarify my thought here.
Thank you 😄
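The bound described in the comment above, as an added example that is not part of the thread or of Revert Lend's code: a Python model of the borrow -> increase liquidity loop, assuming a borrow is only allowed while debt <= full value × collateralFactorX32 / 2^32. The function names, the fixed borrow step, the swap-loss parameter and the sample amounts are hypothetical.

```python
"""Model of the borrow -> increase-liquidity loop discussed in this thread.

Constructed illustration, not Revert Lend code. Amounts are integers in
micro-USDC; the collateral factor is a Q32 fixed-point value, like the
collateralFactorX32 named in the thread.
"""
Q32 = 2**32


def collateral_value(full_value, cf_x32):
    # Collateral counted for a position: full value scaled by the factor.
    return full_value * cf_x32 // Q32


def leverage_loop(initial_value, cf_x32, step, loss_bps=0, max_rounds=10_000):
    """Borrow `step` per round and add it (minus swap loss) to the position.

    Stops when the next borrow would push debt above the collateral value.
    Returns (completed_rounds, debt, full_value).
    """
    debt, full_value = 0, initial_value
    for rounds in range(max_rounds):
        added = step * (10_000 - loss_bps) // 10_000
        if debt + step > collateral_value(full_value + added, cf_x32):
            return rounds, debt, full_value
        debt += step
        full_value += added
    return max_rounds, debt, full_value


def debt_ceiling(initial_value, cf_x32, loss_bps=0):
    """Closed form of the same limit, from D <= cf * (V0 + D * (1 - loss))."""
    keep_x32 = cf_x32 * (10_000 - loss_bps) // 10_000
    return initial_value * cf_x32 // (Q32 - keep_x32)


if __name__ == "__main__":
    cf = Q32 * 90 // 100   # 90%, the maximum stated in the thread
    v0 = 10_000_000        # constructed sample: a position worth 10 USDC
    for loss in (0, 100):  # hypothetical swap loss in basis points
        rounds, debt, value = leverage_loop(v0, cf, 2_000_000, loss_bps=loss)
        print(loss, rounds, debt, value, debt_ceiling(v0, cf, loss))
```

In this model, topping up the position with the borrower's own tokens raises `initial_value` and scales the ceiling in proportion, so the total debt stays a fixed multiple of the capital actually supplied.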
Lines of code
https://github.com/revert-finance/lend/blob/audit/src/transformers/LeverageTransformer.sol#L41-L102
Vulnerability details
Impact
Proof of concept
The contract LeverageTransformer is documented as "Lets positions being leveraged by borrowing, swapping and reading to collateralized position atomically. Also supports deleveraging." Below is how the function leverageUp works:
token0 or token1
token0 or token1 is deposited back to UniswapV3 in function increaseLiquidity to increase liquidity of the position.
The problem with this flow is that it has no control of how much leverage a position could use. An attacker could exploit this by following these steps:
Below is a POC, save this to file test/integration/V3Vault.t.sol and run it using command:
forge test --match-path test/integration/V3Vault.t.sol --match-test testTransformLeverageUp -vvv
The test shows how an attacker could repeatedly borrow and increase his Uniswap liquidity, the result is a log of collateralValue/debt every loop:
As you can see, starting with a Uniswap position worth only 8.8 USDC, the attacker can borrow 70 USDC (8x leverage) and this can continue forever until the daily debt increase limit is reached; after this, the attacker can wait until the next day and continue.
The value of debt and collateral will slowly converge because of the multiple fees involved in the process of borrow -> increase liquidity. At that point, debt > collateral and the attacker cannot borrow anymore. However, the attacker can then buy a small amount of tokens himself from the market, increase his liquidity and thus increase his collateral value and continue.
Tool used
Manual Review
Recommended Mitigation
I think Revert Lend should put a limit on the average percentage allowed.
Assessed type
Math