Beanstalk Part 1

Beanstalk

DeFiHardhatOracleProxyUpdates

100,000 USDC

View results

Previous Next

Submission Details

Severity: low

Invalid

An attacker can unwrap Ether belonging to users or the protocol leveraging `unwrapAndSendETH`

DarkTower

Summary

The unwrapAndSendETH() function of the UnwrapAndSendETH contract has a flaw that allows any malicious user to steal ether belonging to users/the Beanstalk protocol at any time. The issue allows the contract's WETH balance to be drained.

Vulnerability Details

/// @notice Unwrap WETH and send ETH to the specified address

/// @dev Make sure to load WETH into this contract before calling this function

function unwrapAndSendETH(address to) external { // @audit anyone can run this after having scanned the mempool for incoming transfers of WETH

uint256 wethBalance = IWETH(WETH).balanceOf(address(this));

require(wethBalance > 0, "Insufficient WETH");

IWETH(WETH).withdraw(wethBalance);

(bool success, ) = to.call{value: address(this).balance}(

new bytes(0)

);

require(success, "Eth transfer Failed.");

}

Looking at the code block above for unwrapping ether, we are sure of two things:

A user needs to have delegated a WETH balance to this contract. They could for example transfer WETH into this contract directly.
After having given this contract some WETH balance, they can specify the to address to send the underlying Ether to during the unwrapping process. This second step engineers an issue in the sense that any malicious frontrunner can watch the mempool for transactions that will result in this contract having a WETH balance, wait for that transaction to go through and immediately call the unwrapAndSendETH function in this contract to then take those underlying Ether.

We do not suppose atomic transactions consisting of a transfer and unwrapping of the transferred amount will be done via this contract. That would have mitigated the issue but nevertheless, it would still exist and some others would still lose as a result of not executing one such atomic transaction.

Impact

The resulting impact of this issue is a loss of the balance for this contract being held in WETH. The attacker can repeat this process for as long as the contract has a WETH balance effectively draining the balance every time.

Tools Used

Manual review + foundry

Recommendations

The recommendation for this is to rethink how the unwrap process should happen and who should be getting what. With this current implementation, one person can engineer a deposit that anyone else can take.

Updates

Lead Judging Commences

giovannidisiena Lead Judge over 1 year ago

Submission Judgement Published

Invalidated

Reason: Design choice

Assigned finding tags:

Pipeline access control

Prize pool breakdown

Total prize

100,000 USDC

nSLOC

5,776

17 USDC / LOC

High Medium

95,000 USDC

Low

5,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.