This report identifies a potential front-running vulnerability in the SablierV2BatchLockup contract. Front-running occurs when an attacker exploits the predictability of transactions in the mempool, enabling them to anticipate and manipulate transactions for personal gain.
The vulnerability arises in the batch creation functions (createWithDurationsLD, createWithTimestampsLD, createWithDurationsLL, createWithTimestampsLL, createWithDurationsLT, and createWithTimestampsLT). Specifically, an attacker can monitor pending transactions in the mempool and submit their own transaction with higher gas fees to manipulate the order of execution. This could allow the attacker to create or claim streams before legitimate users, potentially draining the contract's funds or locking out legitimate users.
The front-running vulnerability can have significant impacts:
Loss of Funds: An attacker could front-run the creation of streams to capture funds intended for other users.
Denial of Service: Legitimate users may be unable to create or claim streams if an attacker continually front-runs their transactions.
Financial Manipulation: The attacker could manipulate the order of transactions to gain an unfair advantage, potentially destabilizing the intended use of the contract.
Tools used: MythX
Use of Commit-Reveal Scheme: Implement a commit-reveal mechanism where users first commit to the action with a hash and then reveal the details in a subsequent transaction.
Incorporate Time-Delays: Introduce a time-delay for critical actions to reduce the effectiveness of front-running by making it harder for attackers to predict the timing of transactions.
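The two recommendations above can be combined in one gate, sketched here as an added example that is not code from the report or from SablierV2BatchLockup. The contract name, the `commit`/`reveal` functions, the `_execute` hook, and the delay values are all hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Illustrative commit-reveal gate; not part of SablierV2BatchLockup.
/// All names and constants here are hypothetical.
abstract contract CommitRevealGate {
    uint256 public constant MIN_DELAY = 2;   // blocks between commit and reveal (assumed value)
    uint256 public constant MAX_DELAY = 256; // commitments expire after this many blocks (assumed value)

    mapping(bytes32 => uint256) public committedAt; // commitment => block number of commit

    error AlreadyCommitted();
    error UnknownCommitment();
    error TooEarly();
    error Expired();

    /// Step 1: publish only the hash; the payload and salt stay off-chain.
    function commit(bytes32 commitment) external {
        if (committedAt[commitment] != 0) revert AlreadyCommitted();
        committedAt[commitment] = block.number;
    }

    /// Step 2: reveal the payload and salt after the delay has passed.
    /// msg.sender is part of the preimage, so a reveal copied from the
    /// mempool by another address hashes to a different value and reverts
    /// with UnknownCommitment. For the same reason, a third party who
    /// copies the commitment hash cannot use it; only the original
    /// sender can produce a matching reveal.
    function reveal(bytes calldata payload, bytes32 salt) external {
        bytes32 commitment = keccak256(abi.encode(msg.sender, payload, salt));
        uint256 at = committedAt[commitment];
        if (at == 0) revert UnknownCommitment();
        if (block.number < at + MIN_DELAY) revert TooEarly();
        if (block.number > at + MAX_DELAY) revert Expired();
        delete committedAt[commitment]; // one-shot: clear before acting
        _execute(msg.sender, payload);
    }

    /// Hook for the protected action, e.g. decoding batch parameters
    /// and creating the streams on behalf of `caller`.
    function _execute(address caller, bytes calldata payload) internal virtual;
}
```

The salt must be random and kept private until the reveal; without it, a small parameter space could be brute-forced from the commitment hash.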