Beginner FriendlyFoundryDeFiOracle
100 EXP
View results
Submission Details
Severity: high
Valid

Mint Tokens using Flash loan

Vulnerability Details

User can maliciously mint the tokens using the flash loans.In the flash loan function the check of the repayment is done by checking the token balance of the assetToken contract this can be increased just by depositing the tokens so by doing this we can mint the assetTokens and no need of paying the flashloan back because of the increase in token balance of the assetToken.

uint256 endingBalance = token.balanceOf(address(assetToken));
if (endingBalance < startingBalance + fee)

Impact

High

Tools Used

Manual Review

Recommendations

stop the use of deposit when the time of flshloan

Updates

Lead Judging Commences

0xnevi Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

flash loan funds stolen by a deposit

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.