The Standard

DeFi, Hardhat
20,000 USDC
Submission Details
Severity: low
Invalid

Malicious owner can modify fee rates on existing vaults to get more benefit

Summary

The owner of the SmartVaultManagerV5 contract can change fee rates that apply to existing vaults. A malicious owner could use this to increase their Euro yield by adjusting fee rates in their favor around high-value transactions.

Vulnerability Details

In the SmartVaultManagerV5 contract, the fee rates mintFeeRate, burnFeeRate, and swapFeeRate can be modified by the owner at any time, including after users have created SmartVaults. The change is made through setter functions such as the following example:

uint256 public mintFeeRate;
uint256 public burnFeeRate;
uint256 public swapFeeRate;

function setMintFeeRate(uint256 _rate) external onlyOwner {
    mintFeeRate = _rate;
}

Impact

If the owner acts maliciously or is compromised, they can wait for a mint transaction with a significant amount, front-run it, and use the setMintFeeRate() function to change mintFeeRate to a higher value. This manipulation allows the owner to gain more value and potentially reduces the max mintable amount for the user.

Tools Used

Manual inspection

Recommendations

To enhance security, it is advised to set the fee rates with fixed values during the initialization phase and eliminate the set functions. Alternatively, if dynamic configuration of fee rates is essential, especially when uniformity exists across all vaults, establish these rates at the time of vault deployment for each specific vault.
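
One way to implement the second recommendation (example code added here, not The Standard's or the submitter's): the manager passes its current rates into each vault's constructor, where they are stored as immutables, so a later rate change only affects vaults deployed afterwards. The contract names, the `admin` role, the `FEE_DENOMINATOR` scale and `mintFee()` are assumptions; only the three fee-rate names come from the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added illustration, not The Standard's code. Contract names, `admin` and
// FEE_DENOMINATOR are assumptions; only the fee-rate names come from the finding.
contract FeeSnapshotVault {
    uint256 public constant FEE_DENOMINATOR = 100_000; // assumed rate scale
    address public immutable owner;
    // Copied once at deployment; no code path can change them afterwards.
    uint256 public immutable mintFeeRate;
    uint256 public immutable burnFeeRate;
    uint256 public immutable swapFeeRate;
    constructor(address _owner, uint256 _mint, uint256 _burn, uint256 _swap) {
        owner = _owner;
        mintFeeRate = _mint;
        burnFeeRate = _burn;
        swapFeeRate = _swap;
    }

    // Fee on a mint of `_amount`, computed from this vault's fixed rate.
    function mintFee(uint256 _amount) external view returns (uint256) {
        return (_amount * mintFeeRate) / FEE_DENOMINATOR;
    }
}

contract FeeSnapshotManager {
    address public immutable admin;
    uint256 public mintFeeRate;
    uint256 public burnFeeRate;
    uint256 public swapFeeRate;

    event VaultDeployed(address indexed vault, address indexed owner);
    constructor(uint256 _mint, uint256 _burn, uint256 _swap) {
        admin = msg.sender;
        (mintFeeRate, burnFeeRate, swapFeeRate) = (_mint, _burn, _swap);
    }

    // Rate changes apply only to vaults deployed after this call.
    function setFeeRates(uint256 _mint, uint256 _burn, uint256 _swap) external {
        require(msg.sender == admin, "not admin");
        (mintFeeRate, burnFeeRate, swapFeeRate) = (_mint, _burn, _swap);
    }

    // The new vault snapshots the rates in force in this transaction.
    function deployVault() external returns (address vault) {
        vault = address(new FeeSnapshotVault(msg.sender, mintFeeRate, burnFeeRate, swapFeeRate));
        emit VaultDeployed(vault, msg.sender);
    }
}
```

With this layout a user can read the rates from their own vault before minting and rely on them not moving between that read and the mint.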

Updates

Lead Judging Commences

hrishibhat Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

informational/invalid
