DeFiHardhatOracleProxyUpdates
100,000 USDC
Submission Details
Severity: medium
Valid

Silo is not compatible with Fee-on-transfer or rebasing tokens

Summary

According to the documentation there are certain conditions that need to be met for a token to be whitelisted:

Additional tokens may be added to the Deposit Whitelist via Beanstalk governance. In order for a token to be added to the Deposit Whitelist, Beanstalk requires:
1. The token address;
2. A function to calculate the Bean Denominated Value (BDV) of the token (see Section 14.2 of the whitepaper for complete formulas); and
3. The number of Stalk and Seeds per BDV received upon Deposit.

Thus, if the community proposes any kind of fee-on-transfer or rebasing token (like PAXG or stETH) and Beanstalk governance approves it, the protocol needs to integrate that token into the system. But as it stands, the system is definitely not compatible with such tokens.

Vulnerability Details

deposit, depositWithBDV, addDepositToAccount, removeDepositFromAccount and any other silo accounting related functions perform operations using the input/recorded amounts. They don't query the contract's token balance before and after receiving/sending in order to properly account for tokens whose balance shifts on transfer (FoT) or shifts over time (rebasing).

Impact

Likelihood - low/medium - At the moment of writing, Lido has over 31% of the ETH staked, which makes stETH a very popular token. There's a strong chance that stakeholders would want to have stETH inside the silo.

Impact - High - It simply won't work.

Overall severity is medium.

Tools Used

Manual review

Recommendations

Clearly state in the docs that weird tokens won't be implemented via Governance Vote, or adjust the code to check token.balanceOf() before and after doing any operation related to the silo.
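To illustrate the recommendation, the following is an added example contrasting the two accounting styles; it is not Beanstalk's code, and the contract and function names (`ExampleSilo`, `depositRecordsInput`, `depositRecordsReceived`, `creditsCoveredByBalance`) are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal ERC-20 surface needed for the example.
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Hypothetical vault used only to contrast the two accounting styles.
contract ExampleSilo {
    IERC20 public immutable token;
    mapping(address => uint256) public deposited; // per-user credited amount
    uint256 public totalDeposited;                // sum of all credits

    constructor(IERC20 _token) {
        token = _token;
    }

    // Pattern the finding describes: the caller-supplied amount is recorded
    // as-is. With a fee-on-transfer token the contract receives less than
    // `amount`, so credits exceed holdings and later withdrawals fail.
    function depositRecordsInput(uint256 amount) external {
        require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
        deposited[msg.sender] += amount;
        totalDeposited += amount;
    }

    // Recommended pattern: measure the balance before and after the transfer
    // and credit only what actually arrived.
    function depositRecordsReceived(uint256 amount) external returns (uint256 received) {
        uint256 before = token.balanceOf(address(this));
        require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
        received = token.balanceOf(address(this)) - before;
        require(received > 0, "nothing received");
        deposited[msg.sender] += received;
        totalDeposited += received;
    }

    // Invariant a monitor or fuzz test can check: credits must never exceed
    // what the contract actually holds. For a rebasing token this still
    // drifts after deposit (holdings move while credits do not), so rebasing
    // assets need share-based accounting or a wrapped, non-rebasing form.
    function creditsCoveredByBalance() external view returns (bool) {
        return token.balanceOf(address(this)) >= totalDeposited;
    }
}
```

The balance-delta deposit fixes the fee-on-transfer case only; the invariant function shows why a rebasing token breaks the silo even when the deposit itself is measured correctly.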

Updates

Lead Judging Commences

giovannidisiena Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Known issue
giovannidisiena Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Rebasing tokens
