Attacker can increase his collateral by executing a flash loan and claim the yield immediately
In the _distributeYield function, to prevent flash loans from being able to claim yield, the last updated time is required to be 1 hour lower than the current time.
The problem is in the increaseCollateral function, which receives funds from the shorter for a specific short record: short.updatedAt is not updated there and still holds the last updatedAt time. Since the yield is calculated based on the collateral, more collateral means more yield for the user. This means an attacker can increase the collateral by a large amount of assets with flash loans and call distributeYield to claim the yield immediately, while also passing the flash loan check successfully.
The attacker can take these steps to carry out the attack:
create a small short order with the same price as the highest bid (and a short order will be created for this order)
create an attack contract for receiving the flash loan callback
execute the flash loan for the target asset using Aave
when the callback is received from the flash loan, call increaseCollateral, passing the short record id, to increase the collateral with the received assets
call distributeYield, passing the short record id, to claim the yield
pay back the borrowed amount with the fee and withdraw the profit from the attack contract
The attacker can repeat this until he drains all of the assets from the contract.
Manual Analysis
Update short.updatedAt whenever increaseCollateral is called.
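A simplified model of this recommendation, added here as an example and not taken from the audited code base: the contract name, storage layout, function signatures and the YIELD_DELAY constant are assumptions, and asset transfers are omitted. With the patched increaseCollateral, any yield claim made within one hour of a collateral increase reverts.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Hypothetical model of the yield time lock; not the project's contract.
contract ShortRecordModel {
    // Assumed name for the 1 hour delay described in the finding.
    uint256 public constant YIELD_DELAY = 1 hours;

    struct ShortRecord {
        uint256 collateral;
        uint256 updatedAt;
    }

    // shorter => short record id => record (layout is an assumption)
    mapping(address => mapping(uint8 => ShortRecord)) internal shorts;

    error YieldDelayNotElapsed();

    function createShort(uint8 id, uint256 amount) external {
        shorts[msg.sender][id] = ShortRecord(amount, block.timestamp);
    }

    /// Behaviour described in the finding: collateral grows, but
    /// updatedAt keeps its old value, so the time lock is not re-armed.
    function increaseCollateralUnpatched(uint8 id, uint256 amount) external {
        shorts[msg.sender][id].collateral += amount;
    }

    /// Recommended behaviour: every collateral increase refreshes
    /// updatedAt, restarting the delay for the whole record.
    function increaseCollateral(uint8 id, uint256 amount) external {
        ShortRecord storage short = shorts[msg.sender][id];
        short.collateral += amount;
        short.updatedAt = block.timestamp;
    }

    /// Collateral that counts toward yield for the caller's record.
    /// Reverts unless the record has been untouched for YIELD_DELAY.
    function yieldEligibleCollateral(uint8 id) external view returns (uint256) {
        ShortRecord storage short = shorts[msg.sender][id];
        if (block.timestamp < short.updatedAt + YIELD_DELAY) {
            revert YieldDelayNotElapsed();
        }
        return short.collateral;
    }
}
```

A regression test for the fix should increase collateral and request yield in the same block, then assert that the call reverts with YieldDelayNotElapsed.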