Flow

Sablier
FoundryDeFi
20,000 USDC
Submission Details
Severity: low
Valid

Users can bypass protocol fees

Summary

The protocol applies a fee when users withdraw funds, calculated from the amount withdrawn. However, the calculation rounds the fee down, so a malicious user can avoid paying it by withdrawing in many small chunks. This is especially practical on Layer 2 blockchains, where transactions are cheaper.

Vulnerability Details

When a withdrawal occurs, the protocol deducts a fee from the specified amount if it charges a fee on the token being withdrawn. The fee is calculated as follows:

// Calculate the fee amount based on the fee percentage.
// `mul` truncates its result, so a small totalAmount times the fee rounds down to 0.
feeAmount = ud(totalAmount).mul(fee).intoUint128();

Because feeAmount is rounded down, a malicious user can exploit this by making small withdrawals whose fee rounds down to 0. This is more likely to be exploited on L2 blockchains and with tokens of low decimal precision, since gas is cheaper and each "small withdrawal" moves a larger real value.

This vulnerability is also amplified when the fee is set below its maximum value of 10%, since smaller percentages round down to zero for larger withdrawal amounts.

Example

For a clearer illustration, consider a token like Gemini Dollar (GUSD), which has 2 decimal places. The following scenario applies the maximum fee allowed by the protocol.

Given a withdrawal amount of 9 units (representing 0.09 GUSD), with a 10% fee:

Note: The protocol uses UD60x18 to handle fixed-point calculations by scaling numbers to 1e18. For simplicity, unscaled values are shown here.

feeAmount = 9 * 0.1 = 0.9, which rounds down to 0.

Impact

This vulnerability enables users to avoid fees on multiple withdrawals, significantly reducing the protocol's revenue.

Tools Used

Manual review.

Recommendations

Note that the current implementation of the protocol allows any user to withdraw to the recipient. This means the issue can already be partly mitigated if a withdrawal to the recipient is forced, with a value high enough for the fee to be non-zero, before the attack is made.

Besides this, I see two different approaches to fixing this issue:

  • Forcing the user to withdraw the maximum withdrawable amount to the recipient, instead of allowing a variable amount.

  • Rounding the protocol fee up to prevent abuse.

Implementing either solution would help secure the protocol's fee revenue against abuse.
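The following is an added model (not the protocol's code) of the fee arithmetic from the Example section and of the rounding-up mitigation above. It assumes the fee is a UD60x18 percentage (0.1e18 is 10%) and that `mul` computes floor(amount * fee / 1e18); it quantifies the fee-free threshold and the revenue lost when a withdrawal is split.

```python
# Model of the withdraw fee arithmetic, written so the rounding behaviour can be
# checked offline. Assumption: `fee` is a UD60x18 percentage (0.1e18 == 10%) and
# `mul` computes floor(amount * fee / 1e18), which is where the round-to-zero comes from.
SCALE = 10**18            # UD60x18 scale: 1e18 represents 1.0
FEE_10_PCT = SCALE // 10  # 0.1e18, the protocol's maximum fee
FEE_1_PCT = SCALE // 100  # 0.01e18, a lower fee setting


def fee_amount(amount: int, fee: int, round_up: bool = False) -> int:
    """Fee charged on a withdrawal of `amount` raw token units.

    round_up=False reproduces the current behaviour (truncating division);
    round_up=True is the proposed mitigation (ceiling division).
    """
    numerator = amount * fee
    if round_up:
        return -(-numerator // SCALE)
    return numerator // SCALE


def min_feeable_amount(fee: int) -> int:
    """Smallest withdrawal that still pays a non-zero fee under rounding down.

    Any withdrawal strictly below this value is fee-free.
    """
    return -(-SCALE // fee)  # ceil(1e18 / fee)


def total_fee_split(total: int, chunk: int, fee: int, round_up: bool = False) -> int:
    """Total fee collected when `total` is withdrawn in pieces of `chunk` units."""
    full, rest = divmod(total, chunk)
    collected = full * fee_amount(chunk, fee, round_up)
    if rest:
        collected += fee_amount(rest, fee, round_up)
    return collected


if __name__ == "__main__":
    # The GUSD case from the report: 9 units (0.09 GUSD) at the 10% fee.
    print("fee on 9 units, rounded down:", fee_amount(9, FEE_10_PCT))        # 0
    print("fee on 9 units, rounded up:  ", fee_amount(9, FEE_10_PCT, True))  # 1
    print("fee-free threshold at 10%:", min_feeable_amount(FEE_10_PCT))      # 10
    print("fee-free threshold at 1%: ", min_feeable_amount(FEE_1_PCT))       # 100
    # 1000 units (10.00 GUSD) withdrawn in one call versus in 9-unit pieces.
    print("one withdrawal:", fee_amount(1000, FEE_10_PCT))                              # 100
    print("9-unit pieces, rounded down:", total_fee_split(1000, 9, FEE_10_PCT))         # 0
    print("9-unit pieces, rounded up:  ", total_fee_split(1000, 9, FEE_10_PCT, True))   # 112
```

The last line shows the trade-off of the rounding-up fix: it closes the bypass, but tiny withdrawals then pay slightly more than the nominal rate (112 instead of 100 here), which is worth weighing against the maximum-withdrawal option.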

Updates

Lead Judging Commences

inallhonesty Lead Judge 8 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Super low decimal tokens can avoid paying protocol fees
