DittoETH
Ditto
DeFiFoundryOracle
55,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

`withdrawAsset()` Function Allows Withdrawals from Permanently Frozen Asset Market

nisedo

Vulnerability Details

The DittoEth protocol allows for the shutdown of a market through the MarketShutdownFacet::shutdownMarket() function. When a market is shutdown, its asset (initially cUSD) is marked as permanently frozen through the isPermanentlyFrozen() modifier. However, the VaultFacet::withdrawAsset() function currently lacks a check for whether the asset is permanently frozen.

As per the intended design, after a market is shutdown, the asset should only be able to be withdrawn through the MarketShutdownFacet::redeemErc() function, which changes the user asset balance from ercEscrowed to ethEscrowed. However, the VaultFacet::withdrawAsset() function can still be called even when the asset is permanently frozen, contradicting the expected behavior and exposing the protocol to potential abuse.

Impact

Unauthorized Asset Withdrawal: Users or malicious actors can exploit this vulnerability to withdraw assets (cUSD) from a frozen market, potentially destabilizing the protocol.

Recommendations

Add a check for permanently frozen assets: Modify the VaultFacet::withdrawAsset() function to include the check isNotFrozen(asset) and prevent withdrawals when the asset is frozen.

function withdrawAsset(address asset, uint104 amount)
external
onlyValidAsset(asset)
+ isNotFrozen(address asset)
nonReentrant
{
if (amount == 0) revert Errors.PriceOrAmountIs0();
STypes.AssetUser storage AssetUser = s.assetUser[asset][msg.sender];
if (amount > AssetUser.ercEscrowed) revert Errors.InsufficientERCEscrowed();
AssetUser.ercEscrowed -= amount;
IERC20(asset).mint(msg.sender, amount);
}
Updates

Lead Judging Commences

0xnevi Lead Judge
about 2 years ago
0xnevi Lead Judge about 2 years ago
Submission Judgement Published
Invalidated
Reason: Other

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.