DeFiFoundry
60,000 USDC
Submission Details
Severity: low
Invalid

Gas Price Manipulation Attack in TradingAccountBranch.sol

Summary

The TradingAccountBranch contract imposes no minimum deposit amount and no rate limiting on depositMargin. An attacker can therefore flood the network with a large number of tiny deposit transactions, artificially inflating gas prices and potentially profiting from the increased fees.

Vulnerability Details

https://github.com/Cyfrin/2024-07-zaros/blob/d687fe96bb7ace8652778797052a38763fbcbb1b/src/perpetuals/branches/TradingAccountBranch.sol#L317

The reported issue stems from two properties of the contract:

  1. Lack of minimum transaction amount:

function depositMargin(uint128 tradingAccountId, address collateralType, uint256 amount) public virtual {
    // ...
    UD60x18 amountX18 = marginCollateralConfiguration.convertTokenAmountToUd60x18(amount);
    _requireAmountNotZero(amountX18);
    // ...
}

This function only checks that the amount is non-zero, so arbitrarily small deposits are accepted.

  2. Absence of rate limiting: there is no mechanism to limit the frequency of transactions from a single account, or across accounts controlled by the same entity.

Impact

Potential profit for attackers who are also block producers, and increased transaction costs for legitimate users.

Tools Used

manual code review

Recommendations

  • Implement Minimum Transaction Amounts:

mapping(address => UD60x18) public minDepositAmount;

function setMinimumDepositAmount(address collateralType, UD60x18 minAmount) external onlyOwner {
    minDepositAmount[collateralType] = minAmount;
}

function depositMargin(uint128 tradingAccountId, address collateralType, uint256 amount) public virtual {
    UD60x18 amountX18 = marginCollateralConfiguration.convertTokenAmountToUd60x18(amount);
    require(amountX18 >= minDepositAmount[collateralType], "Amount below minimum");
    // ... rest of the existing code ...
}
  • Implement Rate Limiting:

mapping(address => uint256) public lastTransactionTimestamp;
uint256 public constant TRANSACTION_COOLDOWN = 1 hours;

function depositMargin(uint128 tradingAccountId, address collateralType, uint256 amount) public virtual {
    require(block.timestamp >= lastTransactionTimestamp[msg.sender] + TRANSACTION_COOLDOWN, "Cooldown period not elapsed");
    lastTransactionTimestamp[msg.sender] = block.timestamp;
    // ... existing code below ...
}
  • Implement Dynamic Gas Price Caps: consider a mechanism that sets a maximum accepted gas price for transactions based on recent network conditions, to dampen sudden spikes caused by malicious activity.

  • Monitoring and Alerts: implement off-chain monitoring that detects patterns of frequent small deposits and alerts system administrators.
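The following is an added, self-contained Foundry example that is not part of the original submission or of the Zaros code base. It combines the two code recommendations above (a per-collateral minimum deposit and a per-sender cooldown) in a hypothetical GuardedMarginVault contract and exercises them with tests. Amounts are plain uint256 rather than UD60x18, the token transfer is omitted, and the contract name, error names and the 10 USDC minimum are all constructed for illustration. It also handles an edge case the snippets above do not: a sender's first deposit must not be blocked by a cooldown computed from a zero timestamp.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

import { Test } from "forge-std/Test.sol";

// Illustrative contract (not Zaros code). Amounts are plain uint256 here;
// Zaros converts to UD60x18 via convertTokenAmountToUd60x18, omitted in this sketch.
contract GuardedMarginVault {
    address public immutable owner;
    uint256 public constant TRANSACTION_COOLDOWN = 1 hours;

    mapping(address => uint256) public minDepositAmount;         // collateralType => minimum deposit
    mapping(address => uint256) public lastTransactionTimestamp; // sender => last deposit time
    mapping(uint128 => mapping(address => uint256)) public marginBalance;

    error NotOwner();
    error AmountZero();
    error AmountBelowMinimum(uint256 amount, uint256 minimum);
    error CooldownNotElapsed(uint256 readyAt);

    constructor() { owner = msg.sender; }

    modifier onlyOwner() {
        if (msg.sender != owner) revert NotOwner();
        _;
    }

    function setMinimumDepositAmount(address collateralType, uint256 minAmount) external onlyOwner {
        minDepositAmount[collateralType] = minAmount;
    }

    function depositMargin(uint128 tradingAccountId, address collateralType, uint256 amount) external {
        if (amount == 0) revert AmountZero();

        // Recommendation 1: reject dust deposits below the configured per-collateral minimum.
        uint256 minimum = minDepositAmount[collateralType];
        if (amount < minimum) revert AmountBelowMinimum(amount, minimum);

        // Recommendation 2: one deposit per sender per cooldown window.
        // A zero timestamp means "never deposited", so the first deposit is not blocked.
        uint256 last = lastTransactionTimestamp[msg.sender];
        if (last != 0 && block.timestamp < last + TRANSACTION_COOLDOWN) {
            revert CooldownNotElapsed(last + TRANSACTION_COOLDOWN);
        }
        lastTransactionTimestamp[msg.sender] = block.timestamp;

        marginBalance[tradingAccountId][collateralType] += amount;
        // safeTransferFrom of the collateral token omitted in this sketch.
    }
}

contract GuardedMarginVaultTest is Test {
    GuardedMarginVault vault;
    address usdc = makeAddr("usdc");         // constructed stand-in for a collateral token
    address attacker = makeAddr("attacker");

    function setUp() public {
        vault = new GuardedMarginVault();
        vault.setMinimumDepositAmount(usdc, 10e6); // constructed minimum: 10 USDC (6 decimals)
    }

    function test_RejectsDustDeposit() public {
        vm.prank(attacker);
        vm.expectRevert(abi.encodeWithSelector(GuardedMarginVault.AmountBelowMinimum.selector, 1, 10e6));
        vault.depositMargin(1, usdc, 1);
    }

    function test_EnforcesCooldownBetweenDeposits() public {
        vm.startPrank(attacker);
        vault.depositMargin(1, usdc, 10e6); // first deposit: no cooldown applies
        uint256 readyAt = block.timestamp + vault.TRANSACTION_COOLDOWN();

        vm.expectRevert(abi.encodeWithSelector(GuardedMarginVault.CooldownNotElapsed.selector, readyAt));
        vault.depositMargin(1, usdc, 10e6); // second deposit in the same window is rejected

        vm.warp(readyAt);
        vault.depositMargin(1, usdc, 10e6); // accepted once the window has elapsed
        vm.stopPrank();

        assertEq(vault.marginBalance(1, usdc), 20e6);
    }
}
```

Run with `forge test`. Note the caveat that a per-msg.sender cooldown is trivially sidestepped by funding many fresh addresses, which is exactly the "accounts controlled by the same entity" case raised under point 2 above; the minimum deposit is the check that actually raises the attacker's cost per transaction.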

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Lack of quality
