Dria

Swan
NFTHardhat
21,000 USDC
View results
Submission Details
Severity: medium
Valid

Attacker can manipulate Oracle response with temporal staking

Summary

The LLMOracleCoordinator's respond and validate functions require users to stake DRIA tokens before calling them.

However, due to unrestricted unregister, users can become generators or validators without any real cost. This enables operating multiple generator/validator accounts simultaneously without maintaining stakes, potentially leading to malicious responses.

Vulnerability Details

function register(LLMOracleKind kind) public {
uint256 amount = getStakeAmount(kind);
// ensure the user is not already registered
if (isRegistered(msg.sender, kind)) {
revert AlreadyRegistered(msg.sender);
}
// ensure the user has enough allowance to stake
if (token.allowance(msg.sender, address(this)) < amount) {
revert InsufficientFunds();
}
token.transferFrom(msg.sender, address(this), amount);
// register the user
registrations[msg.sender][kind] = amount;
emit Registered(msg.sender, kind);
}
/// @notice Remove registration of an Oracle.
/// @dev Reverts if the user is not registered.
/// @param kind The kind of Oracle to unregister.
/// @return amount Amount of stake approved back.
function unregister(LLMOracleKind kind) public returns (uint256 amount) {
amount = registrations[msg.sender][kind]; // @audit anytime user can unregister.
// ensure the user is registered
if (amount == 0) {
revert NotRegistered(msg.sender);
}
// unregister the user
delete registrations[msg.sender][kind];
emit Unregistered(msg.sender, kind);
// approve its stake back
token.approve(msg.sender, token.allowance(address(this), msg.sender) + amount);
}

Since unregister can be called at any time, the following attack can be executed within a single block:

  1. Swap USDC for DRIA

  2. Call register to become a generator or validator

  3. Submit malicious respond or validate calls

  4. Call unregister and use transferFrom to retrieve DRIA

  5. Swap DRIA back to USDC

Additionally, attackers can transfer DRIA to different accounts to operate multiple accounts using this method.

Impact

This vulnerability is particularly concerning because:

  • The Coordinator has a maximum number of allowed responses/validations

  • Users can submit malicious responses/validations without maintaining actual stakes

So attacker can earn generator, validator fees without DRIA price risk. And also can manipulate response with multiple accounts.

Tools Used

None

Recommendations

It is recommended to add cooldown periods between registration and unregister.

mapping(address => uint256) public registrationTime;
function register(LLMOracleKind kind) public {
...
registrationTime[msg.sender] = block.timestamp;
}
function unregister(LLMOracleKind kind) public returns (uint256 amount) {
require(block.timestamp >= registrationTime[msg.sender] + MINIMUM_STAKE_DURATION);
...
}
Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Validated
Assigned finding tags:

There is no oracle whitelisting

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.