Open hats-bug-reporter[bot] opened 7 months ago
Thank you for the submission.
This behaviour is the expected and standard way to create predictable addresses for pairs/pools, in case of using a more complex salt it will not provide a cheap and easy way to get the address of a pair.
I also want to note that there is no benefit for an attacker to cause a pair to be created, as this will lead to the expected result anyway. And also, the user who actually wanted to create the pair will pay much less gas for the transaction if it fails, even though the pair will be created by the attacker
Github username: @djxploit Twitter username: -- Submission hash (on-chain): 0x911f0bcf688ccf0985b106eac946b5e347061b10d0c3ce524e7b53f908e998b8 Severity: high
Description: Description\ A user may frontrun
createPair
function inPairFactoryUpgradeable.sol
, to predict the salt and DOS users from creating pairs.As can be seen in https://github.com/Satsyxbt/Fenix/blob/main/contracts/dexV2/PairFactoryUpgradeable.sol#L143, a pair is created by using the
cloneDeterministic
function, by using the salt askeccak256(abi.encodePacked(token0, token1, stable))
, which are given as arguments to thecreatePair
functions.Thus if an attacker frontruns the
createPair
function, he would be able to determine the salt, and create the pair. This will revert the legitimatecreatePair
callAttack Scenario\
createPair
callcloneDeterministic(implementation, keccak256(abi.encodePacked(token0, token1, stable)))
himself with the extracted arguments.Attachments
Proof of Concept (PoC) File
Revised Code File (Optional)