Beedle - Oracle free perpetual lending

BeedleFi

DeFiFoundry

20,000 USDC

View results

Previous Next

Submission Details

Severity: high

Valid

WETH deposited before the contract gets any staked tokens can get permanently locked

KrisApostolov

Summary

Any WETH deposited while there are no staking tokens in the system can be permanently locked by calling claim().

Vulnerability Details

The claim() function sets the internal accounting balance of the contract to the actual WETH balance of the contract. This becomes an issue when there is a discrepancy between the balance and the internal accounting due to a WETH refill in the contract. In the case that it gets called during a case where there are no collateral tokens in the protocol the funds will be lost forever because there will not be an index increment because of them.

Consider the following PoC clearly demonstrating the issue:

https://gist.github.com/CrisCodesCrap/092f87c74221549526d816fd9e4c6033

Impact

The funds deposited at that time will be locked forever.

Tools Used

Manual Review

Recommendations

Consider adding some protection to the claim(), and how it can be called. Also consider not setting the internal accounting to the current balance, but to the old accounting amount - the claimed amount.

balance = balance - claimedAmount;

Prize pool breakdown

Total prize

20,000 USDC

nSLOC

706

28 USDC / LOC

High Medium

18,000 USDC

Low

2,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.