howlbot-integration[bot] closed 3 months ago
koolexcrypto marked the issue as duplicate of #18
koolexcrypto changed the severity to 3 (High Risk)
koolexcrypto changed the severity to 2 (Med Risk)
koolexcrypto marked the issue as not a duplicate
koolexcrypto changed the severity to QA (Quality Assurance)
koolexcrypto marked the issue as grade-c
Lines of code
https://github.com/code-423n4/2024-05-loop/blob/0dc8467ccff27230e7c0530b619524cc8401e22a/src/PrelaunchPoints.sol#L249
https://github.com/code-423n4/2024-05-loop/blob/0dc8467ccff27230e7c0530b619524cc8401e22a/src/PrelaunchPoints.sol#L315-L324
https://github.com/code-423n4/2024-05-loop/blob/0dc8467ccff27230e7c0530b619524cc8401e22a/src/PrelaunchPoints.sol#L388-L392
Vulnerability details
Impact
The identified issue in the contract results in a distortion of the conversion ratio between LPETH and ETH, deviating from the intended 1:1 ratio specified in the project documentation. This distortion occurs when users forward ETH directly to the contract, causing the LPETH to ETH conversion ratio to become inaccurate. Such discrepancies break one of the contract's main invariants.
Proof of Concept
The root cause of the issue lies in the convertAllETH() function, particularly the line:

This line of code distorts the conversion ratio between LPETH and ETH when users forward ETH directly to the contract, as it calculates the claimed amount based on a formula that does not adhere to the 1:1 conversion ratio specified in the project documentation.
Tools Used
Manual code analysis
Recommended Mitigation Steps
To rectify the distortion of the LPETH to ETH conversion ratio and maintain consistency with the project documentation, the following mitigation steps are recommended:
Direct Withdrawal for User Stake: Allow for direct withdrawal of user stake without the need for intermediate conversions, thereby preserving the 1:1 conversion ratio between LPETH and ETH.
Assessed type
Other
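The accounting effect described under Impact and Proof of Concept, as an added Python model that is not part of the original report and not the project's code. It assumes a pro-rata claim of the form stake * totalLpETH / totalSupply (the report does not show the line), and all class, method and field names are hypothetical.

```python
ETH = 10**18  # wei per ETH


class PrelaunchModel:
    """Simplified accounting model; names are hypothetical, not the contract's."""

    def __init__(self):
        self.stakes = {}       # recorded stake per user, in wei
        self.total_supply = 0  # sum of recorded stakes
        self.eth_balance = 0   # raw ETH held, including forwarded ETH
        self.total_lpeth = 0   # lpETH held after conversion

    def lock(self, user, wei):
        self.stakes[user] = self.stakes.get(user, 0) + wei
        self.total_supply += wei
        self.eth_balance += wei

    def forward_eth(self, wei):
        # Direct transfer: raises the balance but records no stake.
        self.eth_balance += wei

    def convert_all_eth(self):
        # Assumed behaviour: the whole balance is converted to lpETH 1:1.
        self.total_lpeth, self.eth_balance = self.eth_balance, 0

    def claim_pro_rata(self, user):
        # Assumed formula; Solidity-style integer division rounds down.
        return self.stakes[user] * self.total_lpeth // self.total_supply

    def claim_one_to_one(self, user):
        # The report's mitigation: pay out exactly the recorded stake.
        return self.stakes[user]

    def surplus(self):
        # Zero when the documented 1:1 invariant holds.
        return self.total_lpeth - self.total_supply


def scenario(forwarded_wei):
    """Constructed sample: two lockers, optional forwarded ETH, then conversion."""
    m = PrelaunchModel()
    m.lock("alice", 10 * ETH)
    m.lock("bob", 30 * ETH)
    m.forward_eth(forwarded_wei)
    m.convert_all_eth()
    return m
```

A monitoring or test check on the same idea is that `surplus()` stays zero after conversion; any non-zero value means claims computed pro-rata no longer match recorded stakes.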