Curve oracle manipulation possible with read only reentrancy in get_virtual_price. And curve pool uses vulnerable vyper version.
Summary
get_virtual_price() was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack. The attacker could use this to artificially inflate the price of the LP token/its balance, and use the inflated balance to take out loans which become undercollateralized at the end of the transaction, or to buy assets at exchange rates not actually available on the open market.
get_virtual_price() is used in the above functions. It can easily be manipulated with read-only reentrancy and the attack is well explained in this article.
On sunday 31-07-2023, a zero-day affecting vyper compiler versions v0.2.15-0.3.0 has been found and exploited in order to drain multiple curve pools.
Nadin
high
Curve oracle manipulation possible with read only reentrancy in
get_virtual_price
. And curve pool uses vulnerable vyper version.Summary
get_virtual_price()
was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack. The attacker could use this to artificially inflate the price of the LP token/its balance, and use the inflated balance to take out loans which become undercollateralized at the end of the transaction, or to buy assets at exchange rates not actually available on the open market.Vulnerability Detail
https://github.com/sherlock-audit/2023-06-tokemak/blob/main/v2-core-audit-2023-07-14/src/oracles/providers/CurveV1StableEthOracle.sol#L155 https://github.com/sherlock-audit/2023-06-tokemak/blob/main/v2-core-audit-2023-07-14/src/oracles/providers/CurveV2CryptoEthOracle.sol#L165 https://github.com/sherlock-audit/2023-06-tokemak/blob/main/v2-core-audit-2023-07-14/src/stats/calculators/CurveV1PoolNoRebasingStatsCalculator.sol#L22 https://github.com/sherlock-audit/2023-06-tokemak/blob/main/v2-core-audit-2023-07-14/src/stats/calculators/CurveV1PoolRebasingStatsCalculator.sol#L23
get_virtual_price(
) is used in the above functions. It can easily be manipulated with read-only reentrancy and the attack is well explained in this article.Tool used
Manual review
Impact
Curve classic problem read-only reentrant,
get_virtual_price
can be manipulated which is used for pricing LP tokens.Code Snippet
https://github.com/sherlock-audit/2023-06-tokemak/blob/main/v2-core-audit-2023-07-14/src/oracles/providers/CurveV1StableEthOracle.sol#L155 https://github.com/sherlock-audit/2023-06-tokemak/blob/main/v2-core-audit-2023-07-14/src/oracles/providers/CurveV2CryptoEthOracle.sol#L165 https://github.com/sherlock-audit/2023-06-tokemak/blob/main/v2-core-audit-2023-07-14/src/stats/calculators/CurveV1PoolNoRebasingStatsCalculator.sol#L22 https://github.com/sherlock-audit/2023-06-tokemak/blob/main/v2-core-audit-2023-07-14/src/stats/calculators/CurveV1PoolRebasingStatsCalculator.sol#L23
Tool used
Manual Review
Recommendation
Use TWAP to determine the prices of the underlying assets in the pool. Or Add a reentrancy guard to protect against reentrancy.