QuantAMM

49,600 OP

View results

Previous Next

Submission Details

Severity: medium

Valid

Missing initialize Function in UpliftOnlyExample Hook/Router

i_atiq

Summary

The UpliftOnlyExample hook serves as a router and manages liquidity deposits, NFT minting, and BPT tokens. However, it lacks an initialize function to properly initialize and deposit the first liquidity into a new pool. This omission can lead to scenarios where liquidity is initialized by an external router, creating issues for users attempting to withdraw liquidity due to the NFT check in onAfterRemoveLiquidity.

Vulnerability Details

The UpliftOnlyExample hook does not include an initialize function to handle the initialization and first liquidity deposit for a newly registered pool. In balancer a new pool has to be initialized using the router to mint the initial minimum BPT to start it's operation
This can be done by other routers but when a pool is initialized by another router, that user will not be able to withdraw their liquidity. The withdrawal process requires burning an NFT in onAfterRemoveLiquidity function. Since that user never got any NFT, he can never withdraw his funds.
Without an NFT, the user who initialized the pool cannot withdraw their funds, creating a locking scenario due to mismatched initialization mechanisms.

Impact

The user who initializes the pool through another router will have their funds permanently locked.

Tools Used

Manual Code Review

Recommendations

Implement an initialize function within the UpliftOnlyExample hook similar to the initialize of Router.sol to handle initial liquidity deposit for new pools. Ensure this function incorporates the necessary NFT minting and checks.

Updates

Lead Judging Commences

n0kto Lead Judge 4 months ago

Submission Judgement Published

Invalidated

Reason: Incorrect statement

Appeal created

i_atiq Submitter

4 months ago

0xhuntoor Auditor

4 months ago

n0kto Lead Judge

4 months ago

n0kto Lead Judge 3 months ago

Submission Judgement Published

Validated

Assigned finding tags:

finding_Uplfit_vault_not_initializable_by_router

Likelihood: High, no function to instantiate the vault and will need to deploy a brand new contract or another router with a dedicated function to initialize it. Impact: Low, unusable contract: cannot swap/addLiquidity until a new contract with that function is deployed and call it. So no funds will be sent and lost. An alternative could be to deploy another router and initialize that pool but it will lead to lost a dust amount.

Prize pool breakdown

Total prize

49,600 OP

nSLOC

3,000

17 OP / LOC

High Medium

44,640

Low

4,960

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.