search

hats-finance / VMEX-0x050183b53cf62bcd6c2a932632f8156953fd146f

LP token lending protocol
MIT License
2 stars 1 forks source link

`getBeethovenPrice()` in `getAssetPrice()` of VMEXOracle.sol is vulnerable to flashLoan attack #15

Open hats-bug-reporter[bot] opened 1 year ago

hats-bug-reporter[bot] commented 1 year ago

Github username: -- Submission hash (on-chain): 0x9c6393997b37156e1f2ecf52e5b916801272b56e8f5e9a1d6a893f2573bcd040 Severity: high severity

Description:

Summary

The getBeethovenPrice() function in the VMEXOracle.sol relies on the get_lp_price function of BalancerOracle.sol to calculate the LP token price. However, there is a potential security vulnerability related to the manipulation of the pool's totalSupply value, which can lead to inaccurate price calculations.

Description

The vulnerability arises from the dependence on the totalSupply value within the calc_balancer_lp_price function. By manipulating the totalSupply of the pool using flashLoan, an attacker could potentially distort the fair reserves used in the LP token price calculation. The calc_balancer_lp_price function is returning the Price by dividing it with totalSupply which will be inflated in the case of FlashLoan so the Price will not be original and it is being used in get_lp_price function which is then being used in VMEXOracle.sol to get price which will be wrong

Recommendation

To address this vulnerability and protect against supply manipulation attacks, consider using TWAP price

ksyao2002 commented 1 year ago

Please provide a POC, or step-by-step details on the exact attack vector, or else your submission will be invalidated.

Nabeel-javaid commented 1 year ago

Please provide a POC, or step-by-step details on the exact attack vector, or else your submission will be invalidated.

hi, I'm from the VMEX team, do you have a tg or discord where we can discuss this further?

Let's perform a detailed dry run to illustrate how an attacker could exploit the vulnerability in the calc_balancer_lp_price() function through a flash loan attack.

Initial State:

totalSupply: 1,000,000 LP tokens balances: [500,000 tokens for asset A, 500,000 tokens for asset B] weights: [50%, 50%] pxA: Price of asset A pxB: Price of asset B Flash Loan Execution:

The attacker initiates a flash loan to borrow a significant amount of funds within a single transaction. Manipulation:

The attacker manipulates the totalSupply value of the Balancer pool by inflating or deflating it. Let's assume the attacker inflates the totalSupply to 2,000,000 LP tokens. Calculation in calc_balancer_lp_price():

The function calculates the LP token price based on the manipulated totalSupply. The calculation becomes:

fairResA = (balances[0] * 1e18 / 10 ** (tokens[0].decimals())) * weights[0]
fairResB = (balances[1] * 1e18 / 10 ** (tokens[1].decimals())) * weights[1]
LP price = (fairResA * pxA + fairResB * pxB) / totalSupply

Inaccurate Price:

Due to the manipulated totalSupply value of 2,000,000, the calculated LP token price will be distorted and not reflect the true value. This can provide an advantage to the attacker. Exploitation:

The attacker can exploit the distorted LP token price to perform various actions within the system, such as buying or selling tokens at favorable prices, performing arbitrage, or manipulating the prices of other assets. Loan Repayment:

At the end of the transaction, the attacker repays the flash loan along with any associated fees, ensuring that the total borrowed amount is returned. In this scenario, the attacker successfully exploits the vulnerability by manipulating the totalSupply value within a flash loan transaction. This manipulation leads to distorted price calculations, which the attacker can exploit for their benefit within the system.