The SmartVaultV3 contract has a complex interaction involving minting, burning, and collateral management that introduces a very high-risk reentrancy vulnerability. Additionally, there's a collateralization bug that can result in an incorrect assessment of collateral, leading to potential under-collateralization and significant financial risks.
Reentrancy Vulnerability:
The mint function introduces a reentrancy vulnerability due to its interaction with external contracts, specifically the EUROs contract and the ISmartVaultManagerV3 manager.
Reentrancy attacks during minting can lead to unauthorized fund transfers, impacting the contract's state and functionality.
Collateralization Bug:
The calculateMinimumAmountOut function's logic for determining the minimumAmountOut may lead to under-collateralization.
The collateral value calculation does not account for the potential impact of the swap on collateralization, which may result in an incorrect assessment of collateral.
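The following library is an added illustration of the collateralization point above; it is not The Standard's calculateMinimumAmountOut, and the function names, the 18-decimal EUR valuation and the 1e5 = 100% ratio convention are assumptions made for the example. naiveMinimumOutValue compares only the vault's current collateral with the requirement, so whenever the vault is over-collateralized today it returns 0 and any swap output is accepted, even one that leaves the vault short. minimumOutValue instead values the collateral that remains once the swapped-in amount has left the vault and requires the tokens received to cover the shortfall.

```solidity
// Added example for this finding; NOT the SmartVaultV3 source.
// Assumptions: EUR values carry 18 decimals, collateralRate uses 1e5 = 100%,
// and priceEurPerToken is the EUR value (18 decimals) of one whole token.
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

library SwapCollateralCheck {
    uint256 internal constant HUNDRED_PC = 1e5;

    // Naive: measures the shortfall against the vault's CURRENT collateral and
    // ignores that `inValueEur` of collateral leaves the vault in the swap.
    // With 1500 EUR collateral, 1000 EUR minted and a 110% rate the requirement
    // is 1100 EUR, so this returns 0 regardless of how much is swapped out.
    function naiveMinimumOutValue(
        uint256 collateralValueEur,
        uint256 minted,
        uint256 collateralRate
    ) internal pure returns (uint256) {
        uint256 required = minted * collateralRate / HUNDRED_PC;
        return required > collateralValueEur ? required - collateralValueEur : 0;
    }

    // Aware: values the collateral that REMAINS after `inValueEur` is swapped away
    // and requires the tokens received to make up any shortfall, so the vault is
    // still fully collateralised when the swap completes. Same vault as above,
    // swapping out 600 EUR: remaining 900 EUR, requirement 1100 EUR, so at least
    // 200 EUR of tokens must come back.
    function minimumOutValue(
        uint256 collateralValueEur,
        uint256 inValueEur,
        uint256 minted,
        uint256 collateralRate
    ) internal pure returns (uint256) {
        require(inValueEur <= collateralValueEur, "swap exceeds collateral");
        uint256 remaining = collateralValueEur - inValueEur;
        uint256 required = minted * collateralRate / HUNDRED_PC;
        return required > remaining ? required - remaining : 0;
    }

    // Converts a required EUR value into a token amount, rounding UP so the
    // minimum passed to the swap router never undershoots the requirement.
    function toTokenAmount(
        uint256 valueEur,
        uint256 priceEurPerToken,
        uint8 tokenDecimals
    ) internal pure returns (uint256) {
        if (valueEur == 0) return 0;
        uint256 scaled = valueEur * (10 ** tokenDecimals);
        return (scaled + priceEurPerToken - 1) / priceEurPerToken;
    }
}
```

The value returned by minimumOutValue, converted with toTokenAmount, is what should be handed to the router as the swap's minimum output, so that a swap which would leave the vault under-collateralized reverts instead of completing.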
Likelihood:
Very High: The reentrancy vulnerability, combined with the collateralization bug, poses a severe risk. The complexity of interactions and state changes increases the likelihood of exploitation.
Steps to Reproduce:
Exploit the reentrancy vulnerability during the mint function.
Manipulate the collateral calculation in the calculateMinimumAmountOut function to trigger under-collateralization.
Execute a swap that results in an incorrect collateral assessment.
Impact:
Unauthorized fund transfers during reentrancy attacks.
Incorrect collateral assessment leading to potential under-collateralization.
Financial losses and disruption of contract functionality.
Tools Used: Manual Review, Slither
Recommendation:
Implement reentrancy protection mechanisms such as the "Checks-Effects-Interactions" pattern or use a reentrancy guard (for example the nonReentrant modifier from OpenZeppelin's ReentrancyGuard).
Review and enhance the collateralization logic in the calculateMinimumAmountOut function to ensure accurate assessments.
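To make the ordering problem described under "Reentrancy Vulnerability" and the Checks-Effects-Interactions recommendation concrete, here is an added example that is not the SmartVaultV3 source. The interfaces, the 1e5 = 100% fee and ratio convention, the fee being added to the vault's debt, and the collateralValue stand-in for a price-feed valuation are all assumptions of this example. The first contract updates minted only after the external EUROs calls, so if the token or manager can call back into the vault, the re-entered call sees the stale, lower minted and passes the collateral check again; the second contract stores the effect before any interaction and adds a mutex.

```solidity
// Added example for this finding; NOT the SmartVaultV3 source.
// Interfaces, 1e5 = 100% convention and collateral valuation are assumptions.
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

interface IEUROs {
    function mint(address to, uint256 amount) external;
}

interface ISmartVaultManagerLike {
    function mintFeeRate() external view returns (uint256);    // e.g. 500 = 0.5%
    function collateralRate() external view returns (uint256); // e.g. 110000 = 110%
    function protocol() external view returns (address);
}

abstract contract VaultBase {
    uint256 internal constant HUNDRED_PC = 1e5;
    IEUROs public euros;
    ISmartVaultManagerLike public manager;
    uint256 public minted;          // EUROs owed by this vault
    uint256 public collateralValue; // stand-in for a price-feed valuation, in EUROs

    constructor(IEUROs _euros, ISmartVaultManagerLike _manager) {
        euros = _euros;
        manager = _manager;
    }

    // True while the vault's collateral covers `newMinted` at the required ratio.
    function fullyCollateralised(uint256 newMinted) internal view returns (bool) {
        return collateralValue * HUNDRED_PC >= newMinted * manager.collateralRate();
    }
}

// Vulnerable ordering: the external EUROs calls run before `minted` is stored,
// so a callback from the token or the manager observes the stale, lower value.
contract VulnerableMintOrdering is VaultBase {
    constructor(IEUROs e, ISmartVaultManagerLike m) VaultBase(e, m) {}

    function mint(address to, uint256 amount) external {
        uint256 fee = amount * manager.mintFeeRate() / HUNDRED_PC;
        require(fullyCollateralised(minted + amount + fee), "under-collateralised"); // check
        euros.mint(to, amount);                 // interaction
        euros.mint(manager.protocol(), fee);    // interaction
        minted += amount + fee;                 // effect, recorded too late
    }
}

// Hardened ordering: checks, then effects, then interactions, behind a mutex.
// OpenZeppelin's ReentrancyGuard provides the same nonReentrant modifier; it is
// written out here so the example stays self-contained.
contract HardenedMintOrdering is VaultBase {
    uint256 private _status = 1;

    modifier nonReentrant() {
        require(_status == 1, "reentrant call");
        _status = 2;
        _;
        _status = 1;
    }

    constructor(IEUROs e, ISmartVaultManagerLike m) VaultBase(e, m) {}

    function mint(address to, uint256 amount) external nonReentrant {
        uint256 fee = amount * manager.mintFeeRate() / HUNDRED_PC;
        require(fullyCollateralised(minted + amount + fee), "under-collateralised"); // check
        minted += amount + fee;                 // effect, before any external call
        euros.mint(to, amount);                 // interactions last
        euros.mint(manager.protocol(), fee);
    }
}
```

The two contracts make identical external calls; only the position of the minted update and the presence of the guard differ, which is the whole of the Checks-Effects-Interactions fix. Slither's reentrancy detectors flag the first ordering (state written after an external call) and are a cheap regression check once the order is corrected.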
Affected Components:
The mint function, the calculateMinimumAmountOut function, and related collateralization logic.