Lines of code
https://github.com/code-423n4/2024-07-reserve/blob/3f133997e186465f4904553b0f8e86ecb7bbacbf/contracts/p1/RToken.sol#L121-L122

Vulnerability details

Impact
Complete denial of service of RToken issuance, especially for newly deployed (low TVL) RTokens, by a malicious entity.

Proof of Concept
The problem arises in the RToken contract in issueTo. Due to the Throttle implementation here (Line 121), we revert on over-issuance; this mechanism is in place to prevent large issuances from causing price manipulation.

When we look at useAvailable, we see that the hourly limit is calculated in Line 46 by using the max of the two values (amtRate and pctRate applied to the supply).

Now the problem arises from the fact that either a whale or MEV bots can constantly prevent the genuine issuance of RToken using the Throttle mechanism. This may be done through constantly sandwiching normal users' issuance.

This is more problematic when the RToken is newly deployed because pctRate will almost always be smaller than amtRate; as a result, as long as amtRate and the UoA price are at a reasonable number, the limit will always be filled easily at little cost.

Tools Used
Manual Review

Recommended Mitigation Steps
Preventing issuing and redeeming in the same transaction will remove a good portion of the attack vector and make it less feasible.
Note! Care should be taken because of the public function issueTo, which allows permissionless issuing to other users: the above solution may introduce a new DoS vector against other users, by continuously issuing 1 wei to users when they try to redeem.

In addition to this, prevent one user from obtaining the whole hourly limit.
Note! This may be bypassed by an attacker using multiple accounts.
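As an added illustration (not the project's code), here is a Python model of the throttle semantics the report describes, with constructed amtRate, pctRate and supply values and a hypothetical per-user cap standing in for the second mitigation; supply is held constant within the block for simplicity.

```python
ONE_HOUR = 3600
FIX_ONE = 10**18  # fixed-point 1.0 with 18 decimals, as in Reserve's Fix library


class Throttle:
    """Model of the Throttle: hourly limit = max(amtRate, pctRate * supply);
    a positive amount consumes capacity, a negative amount (a redemption
    seen from the issuance throttle) refills it, capped at the limit."""

    def __init__(self, amt_rate, pct_rate):
        self.amt_rate, self.pct_rate = amt_rate, pct_rate
        self.last_ts, self.last_available = 0, 0

    def hourly_limit(self, supply):
        return max(supply * self.pct_rate // FIX_ONE, self.amt_rate)

    def available(self, supply, now):
        limit = self.hourly_limit(supply)
        refill = limit * (now - self.last_ts) // ONE_HOUR
        return min(self.last_available + refill, limit)

    def use(self, supply, amount, now):
        avail = self.available(supply, now)
        if amount > avail:
            raise ValueError("supply change throttled")
        self.last_available = min(avail - amount, self.hourly_limit(supply))
        self.last_ts = now


def sandwich_scenario(user_cap=None):
    """One block of the scenario in the report. user_cap (18-decimal fraction
    of the hourly limit) models the proposed per-user cap; None = no cap."""
    supply = 1_000 * FIX_ONE                  # constructed: new RToken, low TVL
    issuance = Throttle(amt_rate=1_000_000 * FIX_ONE,   # 1M RTok/hour
                        pct_rate=5 * FIX_ONE // 100)    # 5% of supply/hour
    now = ONE_HOUR                            # throttle fully refilled
    limit = issuance.hourly_limit(supply)     # pct term is only 50 RTok here
    whale = limit if user_cap is None else user_cap * limit // FIX_ONE
    issuance.use(supply, whale, now)          # whale's issue lands first
    try:                                      # genuine user issues 100 RTok
        issuance.use(supply, 100 * FIX_ONE, now)
        victim_blocked = False
    except ValueError:
        victim_blocked = True
    issuance.use(supply, -whale, now)         # whale redeems in the same block
    return {"limit": limit,
            "limit_is_amt_rate": limit == issuance.amt_rate,
            "victim_blocked": victim_blocked,
            "available_after": issuance.available(supply, now)}
```

Without a cap the whole hourly limit is consumed by one address and fully restored by its redemption in the same block, so the genuine issuance reverts while the whale pays only gas; with the cap, the genuine issuance goes through.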
Assessed type
DoS