Users can frontrun `LiquidationPool.distributeFees` to stake TST and ensure significant shares of the distributed fees.
Summary
Due to the distribution of fees to pending TST positions by LiquidationPool.distributeFees(), users can increase their TST holdings just before big distributions to secure guaranteed large shares of the fees.
Vulnerability Details
LiquidationPool.distributeFees() distributes fees to pending TST stakes. This enables users to monitor the mempool for significant fee distributions, frontrun them by depositing large amounts of TST, and ensure capturing the majority of the distributed EURO share.
It's important to note that this attack is not possible on Arbitrum, as it lacks a public mempool. However, as indicated in the README, the protocol should be compatible with "Any EVM chains with live Chainlink data feeds and live Uniswap pools," this strategy could be applied on numerous other chains where public mempools are available.
Impact
Users can frontrun large fee distributions by staking TST and securing a portion of the distributed fees.
Tools Used
Manual Review
Recommended Mitigation
Consider distributing fees only to already consolidated positions, excluding pending ones.
Lead Judging Commences
frontrun-distrubutefees
frontrun-feedist-low
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.