Users can steal funds of others by honeypotting them during swaps

[hats-bug-reporter[bot]]

Github username: -- Twitter username: -- Submission hash (on-chain): 0xa7a40cdebd04945b9c078a75f783b12a36a729c2dfdb49cc4be506ae95adf556 Severity: high

Description: Description\ In pair.lib.rs, a new pair can be added using:

        pub fn new(token_0: AccountId, token_1: AccountId) -> Self {
            let pair = PairData::new(token_0, token_1, Self::env().caller());
            Self {
                psp22: PSP22Data::default(),
                pair,
            }
        }

However, there is no checks that these tokens added are actually fully PSP22 compatible.

Attack Scenario\ Alice creates a token pair: tX, tY

• tX and tY implement the functions of a regular PSP22:

  impl PSP22 for PairContract {
      #[ink(message)]
      fn total_supply(&self) -> u128 {
          self.psp22.total_supply()
      }
  
      #[ink(message)]
      fn balance_of(&self, owner: AccountId) -> u128 {
          self.psp22.balance_of(owner)
      }
  
      #[ink(message)]
      fn allowance(&self, owner: AccountId, spender: AccountId) -> u128 {
          self.psp22.allowance(owner, spender)
      }
  
      #[ink(message)]
      fn transfer(
          &mut self,
          to: AccountId,
          value: u128,
          _data: Vec<u8>,
      ) -> Result<(), PSP22Error> {
          let events = self.psp22.transfer(self.env().caller(), to, value)?;
          self.emit_events(events);
          Ok(())
      }
  
      #[ink(message)]
      fn transfer_from(
          &mut self,
          from: AccountId,
          to: AccountId,
          value: u128,
          _data: Vec<u8>,
      ) -> Result<(), PSP22Error> {
          let events = self
              .psp22
              .transfer_from(self.env().caller(), from, to, value)?;
          self.emit_events(events);
          Ok(())
      }
  
      #[ink(message)]
      fn approve(&mut self, spender: AccountId, value: u128) -> Result<(), PSP22Error> {
          let events = self.psp22.approve(self.env().caller(), spender, value)?;
          self.emit_events(events);
          Ok(())
      }
  
      #[ink(message)]
      fn increase_allowance(
          &mut self,
          spender: AccountId,
          delta_value: u128,
      ) -> Result<(), PSP22Error> {
          let events =
              self.psp22
                  .increase_allowance(self.env().caller(), spender, delta_value)?;
          self.emit_events(events);
          Ok(())
      }
  
      #[ink(message)]
      fn decrease_allowance(
          &mut self,
          spender: AccountId,
          delta_value: u128,
      ) -> Result<(), PSP22Error> {
          let events =
              self.psp22
                  .decrease_allowance(self.env().caller(), spender, delta_value)?;
          self.emit_events(events);
          Ok(())
      }
  }

• However, Alice modifies the transfer and transfer_from functions to empty the native balance of a swapper.
• Bob, unknowingly, swaps tX with tY using router/lib.rs::swap_exact_tokens_for_tokens:

      #[ink(message)]
      fn swap_exact_tokens_for_tokens(
          &mut self,
          amount_in: u128,
          amount_out_min: u128,
          path: Vec<AccountId>,
          to: AccountId,
          deadline: u64,
      ) -> Result<Vec<u128>, RouterError> {
          self.check_timestamp(deadline)?;
          let amounts = self.calculate_amounts_out(amount_in, &path)?;
          ensure!(
              amounts[amounts.len() - 1] >= amount_out_min,
              RouterError::InsufficientOutputAmount
          );
          psp22_transfer_from(
              path[0],
              self.env().caller(),
              self.get_pair(path[0], path[1])?,
              amounts[0],
          )?;
          self.swap(&amounts, &path, to)?;
          Ok(amounts)
      }

• In this function, psp22_transfer_from gets called, executing the malicious function set by Alice.
• Alice will be happy and Bob will be sad :(

Attachments

1. Proof of Concept (PoC) File

[deuszx]

As stated in the challange description - bugs arising from usage of non-standard/malicious PSP22Token implementations are out-of-scope. Yours is just one of many exploits that can happen with modified PSP22. Another, simple case of such exploit would be a PSP22 token where transfer function transfers all of the tokens to the hacker, rather than actual recipient.

[deuszx]

Thank you for participation. After carefully reviewing the submission we've concluded that this issue is INVALID.

We hope you participate in the future audits of ink!.