The well known ERC4626 inflation attack works on the BaseLSTAdapter with minor adjustments.
Vulnerability Detail
The BaseLSTAdapter is a normal ERC4626 vault. The only defense is this line:
if (shares == 0) revert ZeroShares();
However, the inflation attack does not necessarily need to round down to 0. The attack can also be performed by rounding down from 2 to 1, as shown in this example:
Let the user's deposit liquidity amount be L.
Attacker mints 1 share.
Attacker mints L/2 + 1 shares.
The user deposits L liquidity, giving them L / (L/2 + 1) = floor(1.99...) = 1 share.
Now if the user burns the 1 share, they would receive 1/2 * (L + L/2 + 1) = floor(3L/4 + 1/2) = 3L/4 liquidity, meaning they lost L/4 liquidity.
Bandit
high
Share Inflation For Base LST Adapter
Summary
The well known ERC4626 inflation attack works on the
BaseLSTAdapter
with minor adjustments.Vulnerability Detail
The BaseLSTAdapter is a normal ERC4626 vault. The only defense is this line:
However, the inflation attack does not necessarily need to round down to 0. The attack can also be performed by rounding down from 2 to 1, as shown in this example:
Let the user's deposit liquidity amount be
L
.L/2 + 1
shares.L
liquidity, giving themL / (L/2 + 1) = floor(1.99...) = 1
share.1/2 * (L + L/2 + 1) = floor(3L/4 + 1/2) = 3L/4
liquidity, meaning they lostL/4
liquidity.The exact same attack at the Readme here. Scroll down to "Frontrunning the first deposit may steal 1/4 of the deposit": https://github.com/ZeframLou/bunni/tree/main/src
Impact
First depositor can break minting of shares and also steal 1/4 of an initial deposit through frontrunning.
Code Snippet
https://github.com/sherlock-audit/2024-01-napier/blob/main/napier-v1/src/adapters/BaseLSTAdapter.sol#L8
Tool used
Manual Review
Recommendation
Note that an old version of OpenZeppelin's ERC4626 contracts was imported:
OpenZeppelin contracts 5.0 has built in mitigation to the inflation attack using virtual shares, so import the
5.0
contracts instead of version4.9.3
Duplicate of #94