Inflation Attack
Summary
Price of a share can be manipulated
Vulnerability Details
The getCashPrior() function calculates current underlying token balanceOf + badDebt, we will call it as totalCash
exchangeRateStoredInternal function in MToken.sol file, uses getCashPrior to calculate the exchange rate, using this formula
exchangeRate = (totalCash + totalBorrows - totalReserves) / totalSupply
Since one of the parameters (totalCash) can be inflated it opens an opportunity for an inflation attack.
POC
Alice - victim
Bob - attacker
Alice would like to call a function mint in MErc20.sol contract to deposit token and mint shares.
In mintFresh function in MToken.sol contract calculates a number of shares that should me "minted"
Attack scenario:
Bob back-runs the transaction of an ERC4626 pool creation
Bob mints one share,
getCashPrior()==1,totalSupply == 1.Bob front-runs Alice
minttransaction, for instance Alice calledmint(20000)by sending20_000e18+1of underlying token using transfer method in underlying_token's contract.
So nowgetCashPrior()==20_000e18+1+1,totalSupply == 1.Alice
mint(20000)transaction comes and based on the formula above
exchangeRate = (getCashPrior() + totalBorrows - totalReserves) / totalSupply
exchangeRate = (20_000e18+1+1 + 0 - 1) / 1
exchangeRate = 20_000e18+1
mintTokens = actualMintAmount / exchangeRate
mintTokens = 20_000e18 / 20_000e18+1
mintTokens = 0
Alice will recieve 0 shares for deposited
20_000e18
Impact
Alice will recieve 0 shares for deposited X amount
Tools Used
Manual
Recommendations
You may use OZ ERC4626 lib, OR mint as empty share to zero address.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.