Attacker can steal funds by taking a flash loan.
Let's describe the vulnerability in the following scenario (note: Attacker = A malicious contract deployed by the attacker):
Alice calls deposit and wants to deposit x amount of token A.
The attacker is monitoring the mempool and sees Alice's transaction.
The attacker calls flashloan with a higher gas price (front-running Alice's transaction) and borrows y amount of token A (y is less than x; for example, if Alice is depositing 1000 of token A, the attacker borrows 900).
The attacker's transaction will be executed first (due to the higher gas price).
The flashloan function transfers the tokens to the attacker contract and triggers the function executeOperation in the attacker contract:
Inside executeOperation, the attacker has implemented code that just keeps the transaction suspended for 1 minute (or more if needed) to make sure Alice's transaction (the deposit transaction) is executed (for example, a loop which checks that 1 minute has passed).
After 1 minute, executeOperation finishes and the attacker's transaction goes back to flashloan at this line:
Because Alice's transaction is executed during this 1 minute, the balance of the contract is increased by Alice's deposit, so the attacker's transaction will finish successfully without the attacker needing to pay back.
Loss of funds.
Manual Review
Add this line to the deposit function:
The above line means: no one should be able to deposit token A while token A is borrowed by a flashloan borrower.