DeFiHardhat
12,000 USDC
Submission Details
Severity: low
Invalid

Unprotected Initial Reserve Values in the _capReserve Function

Vulnerability Details

The issue lies in the sequence of calls that sets the MultiFlowPump contract's reserve values for the first time. The update function is the only external entry point for updating reserves. On each call it checks whether lastTimestamp is zero, meaning the reserves have not been set before; if so, it calls the internal _init function to store the initial reserve values.

_init stores those values directly, without passing them through _capReserve. _capReserve is intended to limit how much the reserves may change between consecutive updates, but it is applied only on subsequent updates, never on the initial one. As a result, whoever triggers the first call to update sets the initial reserves without the intended restrictions, potentially allowing a malicious actor to choose values to their advantage, which could adversely affect the contract's future calculations and the integrity of the oracle data derived from them.

Impact

Because no cap is applied when the initial reserves are stored, those values can be manipulated, compromising the integrity of the EMA and SMA calculations that are later derived from them.

Tools Used

Manual Review

Recommendations

  1. Add range checks for initial reserves in _init.

  2. Introduce a mechanism to initialise the contract with predefined reserve values, or employ a multi-step initialization process that includes validation checks or external inputs.
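The following is an added illustration, not the MultiFlowPump source and not code from the Beanstalk project. It sketches the call flow described above (update calling _init on the first call, with _capReserve applied only on later updates) and then shows the first recommendation applied: a derived contract whose _init enforces range checks before storing anything. The per-update cap (10%), the initial-reserve bounds, and all names other than update, _init, _capReserve and lastTimestamp are assumptions made for the sketch.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Simplified sketch of the flow described in the finding. Not the real pump:
/// the cap percentage and storage layout are assumed for illustration.
contract PumpSketch {
    uint256 public lastTimestamp;
    uint256[] internal lastReserves;

    // Assumed: a reserve may move at most 10% per update once initialized.
    uint256 internal constant MAX_DELTA_BPS = 1_000;

    /// Only external entry point. First call stores reserves verbatim via _init;
    /// every later call runs each reserve through _capReserve.
    function update(uint256[] calldata reserves) external {
        if (lastTimestamp == 0) {
            _init(reserves); // no capping on this path
            return;
        }
        require(reserves.length == lastReserves.length, "length mismatch");
        for (uint256 i; i < reserves.length; i++) {
            lastReserves[i] = _capReserve(lastReserves[i], reserves[i]);
        }
        lastTimestamp = block.timestamp;
    }

    /// Stores the initial reserves exactly as supplied.
    function _init(uint256[] calldata reserves) internal virtual {
        lastReserves = reserves;
        lastTimestamp = block.timestamp;
    }

    /// Clamps the new reserve to within MAX_DELTA_BPS of the previous value.
    function _capReserve(uint256 last, uint256 next) internal pure returns (uint256) {
        uint256 delta = (last * MAX_DELTA_BPS) / 10_000;
        uint256 maxUp = last + delta;
        uint256 maxDown = last - delta;
        if (next > maxUp) return maxUp;
        if (next < maxDown) return maxDown;
        return next;
    }

    function getReserves() external view returns (uint256[] memory) {
        return lastReserves;
    }
}

/// Recommendation 1 applied: range-check the initial reserves inside _init.
/// The bounds are assumed values chosen for the sketch.
contract PumpSketchChecked is PumpSketch {
    uint256 internal constant MIN_INITIAL_RESERVE = 1e6;
    uint256 internal constant MAX_INITIAL_RESERVE = 1e30;

    function _init(uint256[] calldata reserves) internal override {
        require(reserves.length > 0, "empty reserves");
        for (uint256 i; i < reserves.length; i++) {
            require(reserves[i] >= MIN_INITIAL_RESERVE, "initial reserve too small");
            require(reserves[i] <= MAX_INITIAL_RESERVE, "initial reserve too large");
        }
        super._init(reserves);
    }
}
```

In the unchecked contract, the first update call with reserves [1, 1e40] is stored as given, and every later call is clamped to within 10% of those values. In the checked variant the same first call reverts, so the first caller can only seed values inside the assumed range; whether such bounds are appropriate for a given well is a design decision the page's recommendations leave to the project.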

Updates

Lead Judging Commences

giovannidisiena Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
Assigned finding tags:

Informational/Invalid
