Time Manipulation Vulnerability in FlatcoinVault Contract

Summary

The FlatcoinVault contract relies on block.timestamp for critical functionality related to funding rate calculations. This introduces a vulnerability to miner timestamp manipulation that could allow attackers to exploit the contract for profit.

Vulnerability Detail

The vulnerability arises from the use of block.timestamp in functions like:

lastRecomputedFundingTimestamp = (block.timestamp).toUint64();

And reliance on it for funding rate calculations:

int256 fundingChangeSinceRecomputed = PerpMath._fundingChangeSinceRecomputed({
  proportionalSkew: proportionalSkew,
  prevFundingModTimestamp: lastRecomputedFundingTimestamp,
  // ...
});

Impact

Manipulate funding rate calculations to their advantage

Code Snippet

https://github.com/sherlock-audit/2023-12-flatmoney/blob/main/flatcoin-v1/src/FlatcoinVault.sol#L224

Tool used

Manual Review

Recommendation

Use block number instead of timestamp for interval measurements

sherlock-admin commented 5 months ago

1 comment(s) were left on this issue during the judging contest.

takarez commented:

invalid

nevillehuang commented 4 months ago

Invalid, no impact described from miner manipulation specific to protocol context.

sherlock-audit / 2023-12-flatmoney-judging

cheatcode - Time Manipulation Vulnerability in FlatcoinVault Contract #277