DeFiHardhatFoundry
250,000 USDC
Submission Details
Severity: high
Invalid

Unrestricted initialization function in `InitDiamond` allows an attacker to reset state and mint unlimited Bean tokens

Summary

The InitDiamond contract contains an init function that can be called multiple times without any access control. This leads to significant security risks, including the potential to reset critical state variables and to mint an unlimited amount of Bean tokens, thereby disrupting the protocol's functionality and stability.

Vulnerability Details

The InitDiamond.init function calls the InitalizeDiamond.initializeDiamond function, which sets various critical state variables and initializes the system. Since init is publicly accessible and lacks access control, it can be called repeatedly by any user. This can lead to several issues:

  1. State Resetting: The initializeDiamond function initializes multiple parameters essential for the protocol's operation, including season parameters, field parameters, and various system settings. By resetting these parameters, an attacker can disrupt the normal functioning of the protocol. For instance:

     • Season Parameters: The function resets the current season to 1 and initializes the timestamp, which can disrupt time-dependent functionality within the protocol.

       InitalizeDiamond#L161-L186

           function initalizeSeason() internal {
               // set current season to 1.
               s.sys.season.current = 1;
               // set withdraw seasons to 0. Kept here for verbosity.
               s.sys.season.withdrawSeasons = 0;
               // initalize the duration of 1 season in seconds.
               s.sys.season.period = C.getSeasonPeriod();
               // initalize current timestamp.
               s.sys.season.timestamp = block.timestamp;
               // initalize the start timestamp.
               // Rounds down to the nearest hour
               // if needed.
               s.sys.season.start = s.sys.season.period > 0
                   ? (block.timestamp / s.sys.season.period) * s.sys.season.period
                   : block.timestamp;
               // initalizes the cases that beanstalk uses
               // to change certain parameters of itself.
               setCases();
               initializeSeedGaugeSettings();
           }

     • Field Parameters: It sets the weather parameters, which can affect farming operations within the protocol.

       InitalizeDiamond#L152-L156

           function initalizeField() internal {
               s.sys.weather.temp = 1;
               s.sys.weather.thisSowTime = type(uint32).max;
               s.sys.weather.lastSowTime = type(uint32).max;
           }

     • Silo Parameters: By resetting silo settings, the function can interfere with storage and asset management processes within the protocol.

       InitalizeDiamond#L198-L202

           function initalizeSilo(uint16 season) internal {
               // initalize when the silo started silo V3.
               s.sys.season.stemStartSeason = season;
               s.sys.season.stemScaleSeason = season;
           }

  2. Unlimited Token Minting: Each time the init function is called, it mints INIT_SUPPLY (100e6) Beans to the caller's address. Without restrictions, a malicious actor can repeatedly call this function to mint an unlimited number of tokens, leading to severe inflation and devaluation of the token.

Impact

  1. Protocol Functionality Disruption: Resetting state variables can lead to inconsistencies and unexpected behavior within the protocol, affecting its overall functionality and reliability.

  2. Unlimited Token Minting: Malicious actors can exploit the unrestricted init function to mint an unlimited amount of Bean tokens for themselves. This can lead to severe inflation, impacting the token's price and stability, ultimately undermining the protocol's economic model.

Tools Used

  • VSCode

Recommendations

  1. Restrict Access: Implement an access control mechanism so that the init function can only be called by authorized accounts, such as the DAO.

  2. Ensure One-Time Initialization: Ensure that the initialization process can only occur once, preventing multiple calls that could lead to the aforementioned issues.
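The two recommendations above, shown side by side with the unguarded shape the finding describes. This is an added illustration, not Beanstalk code: the contract, storage layout, `owner` and `initialized` names are assumptions, and the real `InitDiamond` runs inside a diamond with shared `AppStorage`, which the minimal storage here does not reproduce.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical stand-alone contract; names and storage are assumed for illustration.
contract InitGuard {
    uint256 public constant INIT_SUPPLY = 100e6;
    address public owner;
    bool public initialized;          // one-time guard, lives in contract storage
    uint32 public currentSeason;
    mapping(address => uint256) public balanceOf;

    constructor(address _owner) {
        owner = _owner;
    }

    modifier onlyOwner() {
        require(msg.sender == owner, "InitGuard: caller is not owner");
        _;
    }

    // The shape the finding describes: no caller check and no one-time guard,
    // so every call resets the season and mints INIT_SUPPLY to msg.sender.
    function initUnsafe() external {
        currentSeason = 1;
        balanceOf[msg.sender] += INIT_SUPPLY;
    }

    // Hardened shape: caller restricted to the authorized account (recommendation 1)
    // and a flag that makes any second call revert (recommendation 2).
    function initSafe() external onlyOwner {
        require(!initialized, "InitGuard: already initialized");
        initialized = true;           // set before any further state changes or calls
        currentSeason = 1;
        balanceOf[owner] += INIT_SUPPLY;
    }
}
```

In a diamond, the init contract is executed by delegatecall from `diamondCut`, so the `initialized` flag must be stored in the diamond's own storage (for example inside `AppStorage`) rather than in the init contract, or it will never be seen by later calls.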

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Out of scope
