Denial of service for particular triples of the targeted user
Description
The depositTriple() function of EthMultiVault allows a user to deposit assets into a triple vault. However, a malicious actor can block such deposits (especially large ones) at the cost of generalConfig.minDeposit. He deposits into the triple's counter vault with the intended depositor as the receiver, which gives that receiver a counter stake and causes the user's own deposit to revert.
EthMultiVault.sol - depositTriple()
    function depositTriple(address receiver, uint256 id)
        external
        payable
        nonReentrant
        whenNotPaused
        returns (uint256)
    {
        if (!isTripleId(id)) {
            revert Errors.MultiVault_VaultNotTriple();
        }

        if (_hasCounterStake(id, receiver)) {
            revert Errors.MultiVault_HasCounterStake();
        }

        if (msg.value < generalConfig.minDeposit) {
            revert Errors.MultiVault_MinimumDeposit();
        }

        uint256 protocolFees = protocolFeeAmount(msg.value, id);
        uint256 userDepositAfterProtocolFees = msg.value - protocolFees;

        // deposit eth into vault and mint shares for the receiver
        uint256 shares = _deposit(receiver, id, userDepositAfterProtocolFees);

        _transferFeesToProtocolVault(protocolFees);

        // distribute atom shares for all 3 atoms that underly the triple
        uint256 atomDepositFraction = atomDepositFractionAmount(userDepositAfterProtocolFees, id);
        _depositAtomFraction(id, receiver, atomDepositFraction);

        return shares;
    }
Attack scenario
The user calls depositTriple() with himself (0x1) as receiver, an id of 1, and 10 ETH.
The attacker front-runs the call and deposits the minimum deposit amount into the opposite (counter) vault of that id, with the 0x1 user as receiver.
The user's transaction then executes and reverts, because the _hasCounterStake() check now finds a counter stake for 0x1.
Severity
Medium
Impact
Denial of service for particular triples of the targeted user
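The following is an added example, not code from the report or from EthMultiVault: a small Python model that replays the ordering from the attack scenario against the current check and against one possible mitigation. The mitigation (only the receiver, or a sender the receiver has approved, may deposit in the receiver's name), the `-n` counter-vault convention, and all class and function names are assumptions of this model; the report does not specify a fix.

```python
# Simplified model of the counter-stake check (constructed; not EthMultiVault code).
MIN_DEPOSIT = 1  # stands in for generalConfig.minDeposit, arbitrary units


class HasCounterStake(Exception):
    """Models Errors.MultiVault_HasCounterStake."""


class ReceiverNotApproved(Exception):
    """Hypothetical error raised by the assumed mitigation."""


class TripleVaultModel:
    def __init__(self, restrict_receiver=False):
        self.restrict_receiver = restrict_receiver  # assumed mitigation switch
        self.shares = {}       # (vault_id, account) -> deposited amount
        self.approved = set()  # (receiver, sender) pairs the receiver opted into

    def deposit_triple(self, sender, receiver, vault_id, value):
        # Assumed mitigation: only the receiver, or a sender the receiver
        # approved, may create a position in the receiver's name.
        if (self.restrict_receiver and sender != receiver
                and (receiver, sender) not in self.approved):
            raise ReceiverNotApproved()
        # Model convention: the counter vault of id n is -n.
        if self.shares.get((-vault_id, receiver), 0) > 0:
            raise HasCounterStake()
        if value < MIN_DEPOSIT:
            raise ValueError("below minimum deposit")
        key = (vault_id, receiver)
        self.shares[key] = self.shares.get(key, 0) + value
        return value  # fees and share pricing are omitted


def replay_scenario(vault):
    """Replay the report's ordering; return the outcome of the user's deposit."""
    try:
        # A third party deposits the minimum into the counter vault for 0x1.
        vault.deposit_triple("0xThirdParty", "0x1", -1, MIN_DEPOSIT)
    except ReceiverNotApproved:
        pass  # rejected before any state change
    try:
        vault.deposit_triple("0x1", "0x1", 1, 10)
        return "deposited"
    except HasCounterStake:
        return "reverted: HasCounterStake"


if __name__ == "__main__":
    print("current check:      ", replay_scenario(TripleVaultModel()))
    print("receiver-restricted:", replay_scenario(TripleVaultModel(restrict_receiver=True)))
```

The restriction trades away unsolicited deposits on behalf of others, so any integration that relies on depositing for a third-party receiver would need the receiver's approval first.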