Part 2

Summary

VaultRouterBranch.sol is vulnerable to an inflation attack, which allows an attacker to render the vault unusable. This occurs due to improper handling of the initial deposit and the calculation of the exchange rate when the total supply is zero. The attack can be executed at minimal cost to the attacker while making the vault permanently inaccessible.

Vulnerability Details

The vulnerability arises from how the vault calculates the exchange rate when the first deposit occurs:

1. The first depositor mints shares at an arbitrary rate since the total supply is initially 0.

2. The contract does not enforce a minimum initial deposit, allowing an attacker to deposit an extremely small amount.

3. The attacker can inflate the share price by donating additional tokens directly to the vault before the next user deposits.

4. When the next depositor arrives, they receive zero or significantly fewer shares due to the inflated price.

5. The vault includes a slippage check (ctx.shares < minShares), which causes all future deposits to revert, effectively locking the vault.

Impact

DoS of the vault:

The manipulated exchange rate ensures that any new deposits fail due to the enforced minimum slippage check. As a result, all future deposits are blocked, rendering the vault permanently unusable.

Note: While most prudent users are unlikely to set minShares to any inappropriate value, those who do may unknowingly expose themselves to significant losses due to the artificially inflated exchange rate.

Tools Used

Manual review

Recommendations

There are multiple ways to mitigate inflation attacks, and the best approach depends on the specific use case. Two of them are:

1. Use a Fixed Initial Exchange Rate: Ensure that the first deposit does not arbitrarily determine the exchange rate.

2. Introduce Dead Shares: Mint a small number of "dead" shares during vault initialization to prevent attacks with a small first deposit.