thisvishalsingh - thisvishalsingh - protocol rely on `balance` or `balanceOf` instead of internal accounting several times can lead to Donation Attack #121
thisvishalsingh - protocol rely on balance or balanceOf instead of internal accounting several times can lead to Donation Attack
thisvishalsingh
medium
protocol rely on balance or balanceOf instead of internal accounting several times can lead to Donation Attack
Summary
Attackers can manipulate the accounting by donating tokens.
In contract NapierPool.sol, TrancheRouter.sol, PeripheryPayments.sol, Tranche.sol rely on balance or balanceOf instead of internal accounting several times
thisvishalsingh
medium
thisvishalsingh - protocol rely on
balance
orbalanceOf
instead of internal accounting several times can lead to Donation Attackthisvishalsingh
medium
protocol rely on
balance
orbalanceOf
instead of internal accounting several times can lead to Donation AttackSummary
Attackers can manipulate the accounting by donating tokens. In contract
NapierPool.sol, TrancheRouter.sol, PeripheryPayments.sol, Tranche.sol
rely onbalance
orbalanceOf
instead of internal accounting several timesVulnerability Detail
a example from
NapierPool::removeLiquidity
:Impact
Attackers can manipulate the accounting by donating tokens.
Code Snippet
https://github.com/sherlock-audit/2024-01-napier/blob/main/v1-pool/src/NapierPool.sol#L273 https://github.com/sherlock-audit/2024-01-napier/blob/main/v1-pool/src/NapierPool.sol#L608 https://github.com/sherlock-audit/2024-01-napier/blob/main/v1-pool/src/NapierRouter.sol#L274 https://github.com/sherlock-audit/2024-01-napier/blob/main/v1-pool/src/NapierRouter.sol#L282 https://github.com/sherlock-audit/2024-01-napier/blob/main/v1-pool/src/NapierRouter.sol#L418 https://github.com/sherlock-audit/2024-01-napier/blob/main/v1-pool/src/NapierRouter.sol#L444 https://github.com/sherlock-audit/2024-01-napier/blob/main/v1-pool/src/NapierRouter.sol#L504 https://github.com/sherlock-audit/2024-01-napier/blob/main/v1-pool/src/NapierRouter.sol#L577 https://github.com/sherlock-audit/2024-01-napier/blob/main/v1-pool/src/NapierRouter.sol#L818 https://github.com/sherlock-audit/2024-01-napier/blob/main/v1-pool/src/NapierRouter.sol#L508 https://github.com/sherlock-audit/2024-01-napier/blob/main/v1-pool/src/base/PeripheryPayments.sol#L27 https://github.com/sherlock-audit/2024-01-napier/blob/main/v1-pool/src/base/PeripheryPayments.sol#L42 https://github.com/sherlock-audit/2024-01-napier/blob/main/napier-v1/src/Tranche.sol#L199
Tool used
Manual Review
Recommendation
Implement internal accounting instead of relying on
balanceOf
natively.