Submission Details
Severity: medium

Contract owner is a single point of failure and centralization risk

Summary

Throughout the codebase, Ownable gives the dev team special privileges that can be abused by a malicious owner or by anyone who compromises the owner's private key.

Vulnerability Details

Using an externally owned account (EOA) as the owner of contracts creates a centralization risk and a single point of failure. A single private key can be stolen in a hack, or its sole holder may be unable to retrieve it when needed. Consider moving to a multi-signature arrangement or a role-based authorization framework.

In Lender, the owner may set lender and borrower fees at will without notice. This may be used to catch unsuspecting users off guard and benefit certain parties. For example, the lender fee can be set as high as 50%.

File: src\Lender.sol

    /// @notice set the lender fee
    /// can only be called by the owner
    /// @param _fee the new fee
    function setLenderFee(uint256 _fee) external onlyOwner {
        if (_fee > 5000) revert FeeTooHigh();
        lenderFee = _fee;
    }

    /// @notice set the borrower fee
    /// can only be called by the owner
    /// @param _fee the new fee
    function setBorrowerFee(uint256 _fee) external onlyOwner {
        if (_fee > 500) revert FeeTooHigh();
        borrowerFee = _fee;
    }

    /// @notice set the fee receiver
    /// can only be called by the owner
    /// @param _feeReceiver the new fee receiver
    function setFeeReceiver(address _feeReceiver) external onlyOwner {
        feeReceiver = _feeReceiver;
    }

Also, the staking token Beedle allows the owner to mint arbitrary amounts of tokens at any time. A malicious owner can mint themselves large amounts of the token and sell them on the market, securing large profits at the cost of other holders.

File: src\Beedle.sol

    function mint(address to, uint256 amount) external onlyOwner {
        _mint(to, amount);
    }

Impact

A malicious or compromised owner can, in the worst case, inflate the Beedle token arbitrarily and effectively steal all value from current token holders.

Tools Used

Manual review

Recommendations

Minimise attack surface by utilising a multi-sig wallet or DAO governance contract as the owner, and make users explicitly aware of the inherent centralization risks of the system.
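One way to verify after deployment whether the owner is still a single key, as an added example that is not part of the original submission or the audited project: it reads owner() over JSON-RPC and checks whether the owner address has code. It assumes the contracts expose the standard Ownable owner() getter; the addresses, the names `classify_owner`, `http_rpc` and `fake_rpc`, and the node responses are constructed for illustration.

```python
import json
import urllib.request

OWNER_SELECTOR = "0x8da5cb5b"   # first 4 bytes of keccak256("owner()")
EIP7702_PREFIX = "0xef0100"     # EIP-7702 delegation designator: still one key

def http_rpc(url):
    """Return an rpc(method, params) callable for a real JSON-RPC endpoint."""
    def rpc(method, params):
        body = json.dumps({"jsonrpc": "2.0", "id": 1, "method": method, "params": params})
        req = urllib.request.Request(url, body.encode(), {"Content-Type": "application/json"})
        with urllib.request.urlopen(req, timeout=10) as resp:
            return json.load(resp)["result"]
    return rpc

def classify_owner(rpc, contract):
    """Read owner() from `contract` and report whether a single key controls it."""
    word = rpc("eth_call", [{"to": contract, "data": OWNER_SELECTOR}, "latest"])
    if not isinstance(word, str) or len(word) != 66:
        raise ValueError("owner() did not return a 32-byte word")
    owner = "0x" + word[-40:]
    if int(owner, 16) == 0:
        return owner, "renounced"       # nobody can call onlyOwner functions
    code = rpc("eth_getCode", [owner, "latest"]).lower()
    if code in ("0x", "") or code.startswith(EIP7702_PREFIX):
        return owner, "single-key"      # EOA: the risk this finding describes
    # Code is present. Confirming that it is a multi-sig or governance contract,
    # and checking its signer threshold, remains a manual review step.
    return owner, "contract"

# Constructed addresses and responses standing in for a node, so this runs offline.
EOA, SAFE = "0x" + "11" * 20, "0x" + "22" * 20
LENDER, BEEDLE = "0x" + "aa" * 20, "0x" + "bb" * 20
FAKE_OWNERS = {LENDER: EOA, BEEDLE: SAFE}
FAKE_CODE = {EOA: "0x", SAFE: "0x6080604052"}

def fake_rpc(method, params):
    """Constructed stand-in for a node: answers eth_call and eth_getCode only."""
    if method == "eth_call":
        return "0x" + "00" * 12 + FAKE_OWNERS[params[0]["to"]][2:]
    return FAKE_CODE[params[0]]

if __name__ == "__main__":
    for name, addr in (("Lender", LENDER), ("Beedle", BEEDLE)):
        print(name, *classify_owner(fake_rpc, addr))
```

Against a live deployment, pass `http_rpc(<node URL>)` in place of `fake_rpc`; a "contract" result only shows that the owner is not a bare key, not that it enforces a signer threshold.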
