Adversary can block deposit queue by adding a smart contract that rejects new shares when minted
Summary
Adversary can block deposit queue by adding a smart contract that rejects new shares when minted
Vulnerability Detail
Similar to the rollover issue, mintDepositInQueue in Carousel goes over all deposits in the queue sequentially and mints shares for users. If, for some reason, it reverts for one of the deposits, the whole deposit process is blocked.
while ((length - _operations) <= i) {
// this loop impelements FILO (first in last out) stack to reduce gas cost and improve code readability
// changing it to FIFO (first in first out) would require more code changes and would be more expensive
_mintShares(
queue[i].receiver,
_epochId,
queue[i].assets - relayerFee
);
An attacker can set receiver to a smart contract that reverts when shares minted to it, causing a revert
Impact
Deposit queue is blocked and users' funds are stuck forever as there is no way to cancel a deposit from the queue
libratus
high
Adversary can block deposit queue by adding a smart contract that rejects new shares when minted
Summary
Adversary can block deposit queue by adding a smart contract that rejects new shares when minted
Vulnerability Detail
Similar to the rollover issue, mintDepositInQueue in Carousel goes over all deposits in the queue sequentially and mints shares for users. If, for some reason, it reverts for one of the deposits, the whole deposit process is blocked.
An attacker can set receiver to a smart contract that reverts when shares minted to it, causing a revert
Impact
Deposit queue is blocked and users' funds are stuck forever as there is no way to cancel a deposit from the queue
Code Snippet
https://github.com/sherlock-audit/2023-03-Y2K/blob/main/Earthquake/src/v2/Carousel/Carousel.sol#L331-L338
Tool used
Manual Review
Recommendation
Perhaps use try/catch when attempting to mint shares and skip over the deposit request in case of error
Duplicate of #468