DeFi, Foundry, Solidity
16,653 OP
Submission Details
Severity: medium
Invalid

Single Point of Failure in Router Management

Summary

The StrategyArb contract exposes a critical vulnerability due to the management of the router address through a single management function. This design flaw creates a single point of failure that could be exploited, leading to potential asset loss or misrouting.

Vulnerability Details

The setRouter function allows the management address to change the router address without requiring consensus or additional validation. This lack of redundancy makes the system susceptible to exploitation if the management address is compromised.

Vulnerable Code:

function setRouter(address _router) external onlyManagement {
    router = _router;
    underlying.safeApprove(router, type(uint256).max);
}

Impact

If an attacker gains control of the management address, they can redirect funds to a malicious router, resulting in:

  • Loss of assets due to misrouting.

  • Disruption of strategy operations.

  • Decreased trust in the protocol from users and stakeholders.

Attack Flow

  1. Compromise Management Privileges: An attacker gains unauthorized access to the management address through phishing, key leakage, or social engineering.

  2. Change Router Address: The attacker calls the setRouter function to change the router address to a malicious contract designed to siphon off funds.

  3. Manipulate Deposits/Withdrawals: Any subsequent calls to claimAndSwap or other functions that utilize the router will interact with the malicious router instead, allowing the attacker to misroute or drain funds from the contract.

  4. Exploit Assets: The attacker can now withdraw or manipulate funds at will, potentially leading to significant financial loss for users and the protocol, and even complete draining of protocol and users' funds.

Tools Used

Manual Review

Recommendations

To mitigate this vulnerability, it is recommended to implement a multisignature (multisig) governance model for router address changes. This approach should involve:

  • Collective Approval: Require multiple signatures from trusted stakeholders to authorize any changes to the router address, ensuring that no single individual has unilateral control.

  • Increased Security: Enhance security through collaborative decision-making, minimizing the risk of unauthorized modifications and potential exploits associated with a single point of failure.

By transitioning to a multisig governance model, the contract's security and resilience can be significantly improved, protecting user assets from unauthorized changes and potential attacks.
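
One way to enforce the collective-approval recommendation on-chain, shown as an added example that is not the project's own code: a hypothetical RouterChangeGovernor contract that would be installed as the strategy's management address, so that setRouter only executes after a threshold of distinct signers approve the same router. The IStrategyArb interface, the signer set, the threshold and all other names are assumptions; only setRouter(address) comes from the page.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

// Assumed interface: only the setRouter(address) signature is taken from the page.
interface IStrategyArb {
    function setRouter(address _router) external;
}

/// Hypothetical M-of-N gate; it must itself hold the strategy's management role.
contract RouterChangeGovernor {
    IStrategyArb public immutable strategy;
    uint256 public immutable threshold;
    uint256 public round; // bumped on every executed change so old approvals cannot be reused
    mapping(address => bool) public isSigner;
    // round => candidate router => signer => has approved
    mapping(uint256 => mapping(address => mapping(address => bool))) public approved;
    mapping(uint256 => mapping(address => uint256)) public approvalCount;

    event RouterApproved(address indexed router, address indexed signer, uint256 count);
    event RouterChanged(address indexed router, uint256 round);

    constructor(IStrategyArb _strategy, address[] memory signers, uint256 _threshold) {
        // A threshold of 1 would recreate the single point of failure.
        require(_threshold > 1 && _threshold <= signers.length, "bad threshold");
        for (uint256 i = 0; i < signers.length; i++) {
            require(signers[i] != address(0) && !isSigner[signers[i]], "bad signer");
            isSigner[signers[i]] = true;
        }
        strategy = _strategy;
        threshold = _threshold;
    }

    function approveRouter(address router) external {
        require(isSigner[msg.sender], "not signer");
        require(router != address(0) && router.code.length > 0, "router not a contract");
        require(!approved[round][router][msg.sender], "already approved");
        approved[round][router][msg.sender] = true;
        uint256 count = ++approvalCount[round][router];
        emit RouterApproved(router, msg.sender, count);
        if (count == threshold) {
            uint256 executed = round++; // state is updated before the external call
            strategy.setRouter(router);
            emit RouterChanged(router, executed);
        }
    }
}
```

The RouterApproved and RouterChanged events give monitoring a signal for every approval and every executed router change.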

Updates

Appeal created

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
