The Standard

DeFi, Hardhat
20,000 USDC
Submission Details
Severity: medium
Valid

Attack when a token is excluded from the list of accepted ones

Summary

If a user holds collateral in a token that is then removed from the accepted list, the protocol loses funds: the user keeps the minted EUROs and can withdraw the excluded token through the SmartVaultV3.removeAsset function. An attacker can trigger this deliberately, leading to even larger losses.

Vulnerability Details

Although removing a token from the accepted list is an extreme measure, the consequences of such a decision for individual vaults should be limited. When a token is excluded, the vault's collateral value can drop sharply and the vault may be liquidated. Because the owner of a SmartVaultV3 can withdraw any token not on the accepted list through SmartVaultV3.removeAsset, the losses fall mainly on the protocol.

An attacker can also exploit this by front-running the exclusion: increasing the vault's balance of the token about to be excluded and minting additional EUROs against it. Immediately after the token is removed from the accepted list, the attacker withdraws it from the vault.

Impact

Loss of assets by the protocol.

Tools used

Manual Review

Recommendations

Consider storing the list of accepted tokens as a variable in each vault, and use the vault's own list during liquidation as well. New vaults would be created with the updated list. A function to add or exclude tokens within a vault may be needed, allowed only while the vault's balance of the token being excluded is zero; if the balance is non-zero, operations on that token could instead be restricted through a status change. In any case, the decision should depend on the reasons a token may be excluded from the accepted list.
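The following toy model, added here and not code from The Standard, illustrates both the vulnerability above and the per-vault list recommended here. The Vault class, its 110% collateral ratio, the token names TOK and JUNK, their prices and the amounts are all constructed; remove_asset_vulnerable consults only the shared accepted list, while remove_asset_hardened consults the vault's own snapshot and refuses a withdrawal that would leave the minted EUROs unbacked.

```python
from dataclasses import dataclass, field

COLLATERAL_RATIO = 1.1  # constructed: minted debt must be covered at 110%

@dataclass
class Vault:
    accepted_global: set                        # protocol-wide list, mutable by governance
    prices: dict                                # token -> EUR price (constructed)
    collateral: dict = field(default_factory=dict)
    minted: float = 0.0                         # EUROs debt outstanding
    snapshot: set = field(default_factory=set)  # tokens that backed THIS vault's debt

    def deposit(self, token, amount):
        self.collateral[token] = self.collateral.get(token, 0.0) + amount
        if token in self.accepted_global:
            self.snapshot.add(token)

    def value(self, accepted):
        return sum(self.prices[t] * a for t, a in self.collateral.items() if t in accepted)

    def mint(self, amount):
        if self.value(self.accepted_global) < (self.minted + amount) * COLLATERAL_RATIO:
            raise ValueError("undercollateralised")
        self.minted += amount

    def remove_asset_vulnerable(self, token):
        # Only the global list is consulted, so a token dropped by governance can be withdrawn
        # even though the EUROs minted against it remain outstanding.
        if token in self.accepted_global:
            raise ValueError("token is accepted collateral")
        return self.collateral.pop(token, 0.0)

    def remove_asset_hardened(self, token):
        # Recommended fix: a token in the vault's own snapshot may leave only if what remains
        # still covers the debt; the usual global-list check then runs as before.
        if token in self.snapshot and self.value(self.snapshot - {token}) < self.minted * COLLATERAL_RATIO:
            raise ValueError("removal would leave minted EUROs unbacked")
        return self.remove_asset_vulnerable(token)

def scenario(hardened):
    v = Vault({"TOK"}, {"TOK": 1.0, "JUNK": 0.0})
    v.deposit("TOK", 1000.0)
    v.mint(900.0)                        # needs 990 of collateral, 1000 present
    v.deposit("JUNK", 5.0)               # stray token that was never accepted
    v.accepted_global.discard("TOK")     # governance excludes TOK after the mint
    fn = v.remove_asset_hardened if hardened else v.remove_asset_vulnerable
    swept = fn("JUNK")                   # both variants allow sweeping a stray token
    try:
        withdrawn = fn("TOK")
    except ValueError:
        withdrawn = 0.0
    return swept, withdrawn, v.minted, v.value(v.snapshot)
```

In the vulnerable variant scenario(False) withdraws all 1000 TOK while 900 EUROs stay minted against nothing; the hardened variant keeps the 1000 TOK in the vault but still lets the stray JUNK balance be swept.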

Updates

Lead Judging Commences

hrishibhat Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

remove-token
