In this protocol ERC20 tokens can be deposited as collateral, but if there will be allowed fee-on-transfer, balances can be drained.
Hacker can use depositCollateralAndMintDSC
. Balances not checked after transferFrom, call will be success, but protocol will receive amount - fee. After that attacker calls redeemCollateralForDsc
. Balances of user will be equal to amount, but his real money amount-fee. Protocol sends him amount, attacker recieve amount-fee, but pool loose amount of fee.
If one if tokens will be fee-on-transfer or enable it ( USDT can enable fee ) balances in coneact can be compromitised. ( possible some liquidations can be locked)
Manual review
Check balances sfter transfer, support fee-on transfer
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.