Flow

Sablier
Foundry, DeFi
20,000 USDC
Submission Details
Severity: high
Invalid

Insolvent initial position

Summary

An insolvent initial position occurs if a sender starts a debt stream without having a sufficient amount to meet the ongoing debt obligations over time. This could result in recipients accumulating unpaid debt, undermining the core functionality of continuous, dependable payments.

https://github.com/Cyfrin/2024-10-sablier/blob/8a2eac7a916080f2022527408b004578b21c51d0/src/SablierFlow.sol#L233

Vulnerability Details

I have documented some exploits and how they can affect the protocol:

  1. Position Exploits

    If a sender can continuously open and close streams without addressing previous debt, they might manipulate the system by avoiding payment obligations each time a stream is renewed or adjusted.

    This behavior could lead to unfair treatment of recipients, who may expect a stable stream of payments but receive partial payments due to sender manipulation. This “position exploit” would make Flow unreliable for applications requiring steady, predictable payments.

  2. A sender's stream may be based on a commitment they can’t actually fulfill. For example, in a payroll application, if the sender promises ongoing payments but lacks the required amount, recipients won’t receive expected payments in full, which can cause financial distress and distrust in the protocol.

  3. The Flow docs state that: "Sender: The creator of the stream. Sender has the ability to change rps, pause, restart, void and refund from the stream..." If the sender repeatedly opens new debt streams after defaulting on previous ones, the sender could continue creating streams despite a poor track record. This would harm recipients who expect reliability, as they could repeatedly encounter insolvent streams.

Impact

Loss of trust reduces Flow’s appeal, especially for long-term or institutional users. Potential clients, such as businesses or organizations, may avoid Flow for payments or loans.

Tools Used

manual

Recommendations

  • Flow could introduce minimum solvency requirements at the initiation of a stream, ensuring the sender has at least a portion of the debt value available.

  • Flow could restrict how often streams can be closed and reopened, or apply a cooldown period before a new stream can begin after a prior one is closed.
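
The first recommendation, sketched as a simplified accounting model. This is an added illustration, not Sablier Flow's code and not part of the submission; `Stream`, `create_stream`, `min_cover_seconds` and all values are assumptions made for the example.

```python
from dataclasses import dataclass


class InsufficientInitialDeposit(Exception):
    """The deposit does not cover the required initial period."""


@dataclass
class Stream:
    rate_per_second: int  # tokens owed per second, in the token's smallest unit
    balance: int          # tokens the sender has deposited
    start_time: int       # creation timestamp, in seconds

    def total_debt(self, now: int) -> int:
        # Debt accrues continuously from creation, whether or not it is funded.
        return self.rate_per_second * max(0, now - self.start_time)

    def uncovered_debt(self, now: int) -> int:
        # The part of the debt the recipient cannot withdraw yet.
        return max(0, self.total_debt(now) - self.balance)

    def solvent_until(self) -> int:
        # Last timestamp at which the balance still covers the whole debt.
        return self.start_time + self.balance // self.rate_per_second


def create_stream(rate_per_second: int, deposit: int, now: int,
                  min_cover_seconds: int = 0) -> Stream:
    """Open a stream; reject it if the deposit covers less than min_cover_seconds.

    min_cover_seconds=0 models creation with no solvency requirement.
    The check holds only at creation: debt keeps accruing afterwards, so
    later solvency still depends on top-ups.
    """
    if rate_per_second <= 0 or deposit < 0:
        raise ValueError("rate must be positive and deposit non-negative")
    required = rate_per_second * min_cover_seconds
    if deposit < required:
        raise InsufficientInitialDeposit(
            f"deposit {deposit} is below the required {required}")
    return Stream(rate_per_second, deposit, now)


if __name__ == "__main__":
    unfunded = create_stream(10, 0, now=1_000)          # constructed values
    print(unfunded.uncovered_debt(now=1_000 + 3_600))   # debt after one hour
    funded = create_stream(10, 864_000, now=1_000, min_cover_seconds=86_400)
    print(funded.uncovered_debt(now=1_000 + 86_400), funded.solvent_until())
```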

Updates

Lead Judging Commences

inallhonesty Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
