Note: This finding is heavily inspired by a finding from the Sablier contest.
Malicious user can honeypot other users to buy their accounts on an NFT marketplace and withdraw the margin from it right before the purchase happens
Note: The issue can also occur on NFT lending marketplaces with a few variations, but the attack path is similar.
Victims believe they are buying a valuable account with collateral, but they end up with an empty account.
This results in a loss of funds for the victims, profit for the malicious user, and a loss of trust in the Zaros protocol.
In the majority of NFT marketplaces, such as OpenSea and Blur, users can list their NFTs by approving them to the marketplace contract.
Once the NFT finds a buyer, the marketplace contract transfers the NFT from the owner to the buyer who pays to receive it.
Regarding Zaros, an account is represented as an NFT and can:
- Be transferred (by the NFT owner): The new NFT owner will be able to utilize the margin collateral in the account.
- Be emptied (by the NFT owner): The NFT owner can withdraw the collateral, leaving the account with zero balance.
Here is a realistic scenario where a malicious user can exploit this to defraud other users.
Note that this scenario can be crafted in a more malicious way, but for the sake of simplicity, we'll keep it this way.
1. Attacker creates an account on Zaros and deposits 5,000 USDC in margin collateral.
2. Attacker lists the account on OpenSea for the equivalent of 1,000 USDC.
3. A potential buyer sees the listing and thinks they can obtain an account with 5,000 USDC in collateral for only 1,000 USDC, appearing to make a 4,000 USDC profit.
4. The attacker monitors the mempool and frontruns the buyer's transaction by withdrawing the 5,000 USDC collateral from the account.
5. The marketplace executes the trade, sending the 1,000 USDC to the attacker and transferring the now-empty account to the buyer.
At the end of the scenario, the attacker effectively steals 1,000 USDC from the buyer.
Manual review
Considering the protocol design, the issue can't be patched easily.
In order to prevent one part of the attack, the accounts would need to be unwithdrawable while listed for sale, but this can't be enforced as it is a core functionality.
The second part of the attack can't really be countered because while the NFT is listed on the marketplace, the owner can withdraw the collateral at any time.
One idea would be to add a requirement on the NFT approval function that checks if the address approved is part of a list of allowed marketplaces. If that is the case, the account would need to be frozen (and maybe have 0 collateral).
Adding functions to make the process easier for users would be beneficial.
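One way to read the recommendation above, as an added sketch that is not Zaros code and not part of the original finding: approving an allowlisted marketplace freezes the account, and withdrawals revert while it is frozen. All contract, function and variable names are hypothetical, and margin is modelled as plain accounting rather than a real token balance.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Added illustration, not Zaros code: every name below is hypothetical.
// Margin is plain accounting here; no token is actually moved.
contract AccountNftSketch {
    mapping(uint256 => address) public ownerOf;
    mapping(uint256 => address) public getApproved;
    mapping(uint256 => uint256) public marginOf;
    mapping(uint256 => bool) public frozen;        // true while approved to a marketplace
    mapping(address => bool) public isMarketplace; // allowlist from the recommendation
    error NotAuthorized();
    error AccountFrozen();

    // Allowlist fixed at deployment to keep the sketch short.
    constructor(address market) { isMarketplace[market] = true; }

    modifier onlyOwnerOf(uint256 id) {
        if (msg.sender != ownerOf[id]) revert NotAuthorized();
        _;
    }

    function createAccount(uint256 id, uint256 margin) external {
        if (ownerOf[id] != address(0)) revert NotAuthorized();
        ownerOf[id] = msg.sender;
        marginOf[id] = margin;
    }

    // Approving an allowlisted marketplace freezes the account; any other
    // approval (including address(0), i.e. delisting) unfreezes it.
    function approve(address spender, uint256 id) external onlyOwnerOf(id) {
        getApproved[id] = spender;
        frozen[id] = isMarketplace[spender];
    }

    // Reverts while listed, so the margin a buyer saw stays in the account.
    function withdraw(uint256 id, uint256 amount) external onlyOwnerOf(id) {
        if (frozen[id]) revert AccountFrozen();
        marginOf[id] -= amount; // checked arithmetic: reverts if amount > margin
    }

    // The sale: margin stays attached to the account, then the freeze is lifted.
    function transferFrom(address from, address to, uint256 id) external {
        if (ownerOf[id] != from || to == address(0)) revert NotAuthorized();
        if (msg.sender != from && msg.sender != getApproved[id]) revert NotAuthorized();
        ownerOf[id] = to;
        delete getApproved[id];
        frozen[id] = false;
    }
}
```

In this sketch, delisting lifts the freeze but also removes the marketplace's approval, so a sale ordered after it reverts instead of delivering an emptied account. Operator approvals granted through `setApprovalForAll` would need the same check.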