An attacker can sandwich the swap in the sellProfits function and drain the protocol's profit assets in exchange for minimal WETH.
The sellProfits function allows any user to trigger a Uniswap v3 swap from the profit asset to WETH. The swap goes through a known pool and does not enforce a trustworthy minimum output or price limit. An attacker can therefore manipulate the price in that pool, call sellProfits while the price is depressed, and then return the pool to its original state in the same transaction. This leaves the protocol with significantly diminished profits and the attacker with risk-free value. Because the manipulation and its reversal happen atomically, it can be done with relatively little capital of the attacker's own: a flash loan is enough to move even large pools.
Loss of nearly all of the value of the ERC20 profit assets held in the Fees.sol contract.
To avoid direct manipulation, a minimum price or price limit must be set. Typically swaps are performed by users swapping their own assets, so the caller supplies sensible pricing parameters. In this case, however, the caller is untrusted, so the calldata cannot be relied on for those parameters. The least disruptive solution is to use manipulation-resistant oracles to set a reasonable minimum price for the swap. However, since Beedle aims to be oracle-free, I suspect this is not the best solution. Instead, I would suggest that Beedle consider moving the swapping logic out of the contracts by selling the assets directly to external users. This could be implemented as an auction or at a pre-defined price per asset.
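The following simulation is an added example and is not part of this finding or of Beedle's code. It models the attack described above (front-run, victim call of sellProfits, back-run) against a simplified constant-product pool and then reruns it with the minimum-output check recommended above, so both the loss and the effect of the fix can be seen in numbers. Assumptions: the pool is treated as x*y=k (a Uniswap v3 pool is constant-product within one tick range), swap fees and gas are ignored, and the reserves, protocol sale size, flash-loan size and minimum output are constructed values.

```python
# Added example (not from the finding or Beedle's code): a constructed
# sandwich of an unprotected "sellProfits"-style swap against a simplified
# constant-product pool. A Uniswap v3 pool behaves as constant-product
# within a single tick range; fees, ticks and gas are ignored here.
from dataclasses import dataclass
from typing import Optional


@dataclass
class Pool:
    """x*y=k pool holding the protocol's profit asset and WETH."""
    reserve_profit: float  # profit asset (the ERC20 held by Fees.sol)
    reserve_weth: float

    def _swap(self, amount_in: float, reserve_in: float, reserve_out: float):
        k = reserve_in * reserve_out
        new_in = reserve_in + amount_in
        new_out = k / new_in
        return new_in, new_out, reserve_out - new_out

    def swap_profit_for_weth(self, amount_in: float) -> float:
        self.reserve_profit, self.reserve_weth, out = self._swap(
            amount_in, self.reserve_profit, self.reserve_weth)
        return out

    def swap_weth_for_profit(self, amount_in: float) -> float:
        self.reserve_weth, self.reserve_profit, out = self._swap(
            amount_in, self.reserve_weth, self.reserve_profit)
        return out


class InsufficientOutput(Exception):
    """Stands in for a reverted swap: output below the required minimum."""


def sell_profits(pool: Pool, amount_in: float, min_out: Optional[float] = None) -> float:
    """Protocol-side sale of the profit asset for WETH.

    min_out=None mirrors a swap with no minimum output / price limit, which is
    the reported issue: whatever the manipulated pool returns is accepted.
    A numeric min_out is the hypothetical hardened variant (a floor derived
    from a manipulation-resistant price): revert if the output is too low.
    """
    snapshot = (pool.reserve_profit, pool.reserve_weth)
    out = pool.swap_profit_for_weth(amount_in)
    if min_out is not None and out < min_out:
        pool.reserve_profit, pool.reserve_weth = snapshot  # state rolls back like a revert
        raise InsufficientOutput(f"got {out:.4f} WETH, required {min_out:.4f}")
    return out


def simulate(reserve_profit: float, reserve_weth: float, protocol_amount: float,
             flash_amount: float, min_out: Optional[float] = None) -> dict:
    """Front-run, victim swap, back-run; returns what each party ends up with."""
    pool = Pool(reserve_profit, reserve_weth)

    # 1. Front-run: attacker dumps flash-loaned profit tokens, crashing the
    #    WETH price of the profit asset in this pool.
    weth_front = pool.swap_profit_for_weth(flash_amount)

    # 2. Victim: anyone may call sellProfits, so the attacker calls it now.
    try:
        protocol_weth = sell_profits(pool, protocol_amount, min_out)
    except InsufficientOutput:
        protocol_weth = None  # protected variant reverts; protocol keeps its tokens

    # 3. Back-run: attacker spends the front-run WETH to buy profit tokens back,
    #    restoring the pool, then repays the flash loan out of those tokens.
    profit_back = pool.swap_weth_for_profit(weth_front)

    return {
        "protocol_weth": protocol_weth,               # None means the swap reverted
        "attacker_gain": profit_back - flash_amount,  # profit tokens kept after repayment
        "final_profit": pool.reserve_profit,
        "final_weth": pool.reserve_weth,
    }


if __name__ == "__main__":
    # Constructed numbers: 1,000,000 profit tokens : 1,000 WETH pool,
    # protocol sells 10,000 tokens, attacker flash-loans 10,000,000 tokens.
    honest = sell_profits(Pool(1_000_000.0, 1_000.0), 10_000.0)
    print(f"honest sale:      {honest:.4f} WETH")
    r = simulate(1_000_000.0, 1_000.0, 10_000.0, 10_000_000.0)
    print(f"sandwiched sale:  {r['protocol_weth']:.4f} WETH; "
          f"attacker keeps {r['attacker_gain']:.0f} profit tokens")
    # Minimum output at 95% of the unmanipulated price (0.001 WETH per token).
    p = simulate(1_000_000.0, 1_000.0, 10_000.0, 10_000_000.0, min_out=9.5)
    print(f"with min_out=9.5: reverted={p['protocol_weth'] is None}; "
          f"attacker gain {p['attacker_gain']:.6f}")
```

With these numbers the unprotected sale returns well under 1% of the WETH an unmanipulated swap would, the attacker walks away with almost the whole 10,000 tokens the protocol sold, and the pool ends within a fraction of a percent of its starting reserves. With the minimum-output floor the victim swap reverts, so the attacker's back-run merely unwinds the front-run and nets nothing; whether that floor comes from an oracle or from replacing the swap with an auction or fixed price, as the recommendation discusses, is the design decision the finding leaves to Beedle.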