Alchemix Transmuter
Alchemix
DeFiFoundrySolidity
16,653 OP
View results
Previous Next
Submission Details
Severity: high
Invalid

Insufficient Validation of Swap Path (`_path`)

cipherhawk

Issue:

The _swapUnderlyingToAsset function does not validate that the provided _path actually converts the underlying token (WETH) to the asset token (alETH). This lack of validation allows Keepers to provide arbitrary or incorrect paths, which can lead to unintended behavior, including swapping to the wrong token or maliciously rerouting funds.

Impact:

High.

  1. Incorrect Token Swaps:

    • If _path does not lead from WETH to alETH, the strategy may end up holding an incorrect or unexpected token, disrupting operations and yield generation.

  2. Malicious Token Diversion:

    • An attacker could provide a _path that routes tokens to a malicious contract, leading to unauthorized fund transfers or token theft.

  3. Yield Disruption:

    • Incorrect swaps can halt subsequent operations or require manual intervention to recover misallocated funds, causing yield interruptions and financial losses.

Evidence from Code:

function _swapUnderlyingToAsset(uint256 _amount, uint256 minOut, IVeloRouter.route[] calldata _path) internal {
require(minOut > _amount, "minOut too low");
uint256 underlyingBalance = underlying.balanceOf(address(this));
require(underlyingBalance >= _amount, "not enough underlying balance");
IVeloRouter(router).swapExactTokensForTokens(_amount, minOut, _path, address(this), block.timestamp);
}

The function does not validate:

  1. That the first token in _path matches underlying (WETH).

  2. That the last token in _path matches asset (alETH).

Potential Attack Scenario:

  1. Incorrect Path Injection:

    • A Keeper provides a _path that swaps WETH to an arbitrary token (e.g., USDC) instead of alETH.

    • The strategy receives USDC instead of alETH, disrupting its ability to operate and causing potential losses.

  2. Malicious Token Diversion:

    • A Keeper provides a _path that routes tokens to a malicious contract, siphoning WETH from the strategy.

  3. Incomplete Swaps:

    • The _path ends with an intermediary token instead of alETH, leaving the strategy with unutilized tokens and failing to meet the intended yield objectives.

Mitigation:

  1. Path Validation: Validate that the first token in _path matches underlying and the last token matches asset.

    require(_path[0].from == address(underlying), "Path must start with underlying");
    require(_path[_path.length - 1].to == address(asset), "Path must end with asset");

  2. Whitelist Trusted Tokens: Maintain a whitelist of tokens that are allowed in the swap path, ensuring only approved tokens can be swapped.

  3. Path Sanity Checks: Implement checks to ensure _path adheres to the expected swap structure and does not include unnecessary or redundant hops.

Updated Function Implementation:

function _swapUnderlyingToAsset(uint256 _amount, uint256 minOut, IVeloRouter.route[] calldata _path) internal {
require(_path.length > 0, "Path cannot be empty");
require(_path[0].from == address(underlying), "Path must start with underlying");
require(_path[_path.length - 1].to == address(asset), "Path must end with asset");
require(minOut > _amount, "minOut too low");
uint256 underlyingBalance = underlying.balanceOf(address(this));
require(underlyingBalance >= _amount, "Not enough underlying balance");
IVeloRouter(router).swapExactTokensForTokens(_amount, minOut, _path, address(this), block.timestamp);
}

Advantages of Mitigation:

  1. Ensures Correct Swap Execution:

    • Guarantees that swaps start with underlying and end with asset, eliminating the risk of holding incorrect tokens.

  2. Prevents Token Diversion:

    • Blocks malicious paths that attempt to reroute funds to unauthorized addresses.

Updates

Appeal created

inallhonesty Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.