Liquidity Management

Summary

The vulnerability arises from an incorrect share calculation in the _mint() function. When totalShares is 0, shares are calculated as amount * 1e8, meaning that a very small initial deposit (e.g., 1 wei) results in an excessively high number of shares. This miscalculation can lead to significant dilution for future depositors and give the first depositor disproportionate control. The mitigation is to use a fixed initial share value (e.g., a 1:1 ratio) during the first deposit to ensure a fair distribution.

Vulnerability Details

Function Impacted:
The vulnerability exists in the _mint() function responsible for calculating and issuing shares when a deposit is made.

• Incorrect Calculation:
  When totalShares is 0 (i.e., during the initial deposit), the contract calculates the number of shares as amount * 1e8. This leads to an exponential multiplication of the deposited amount.

• Exploit Scenario:
  An attacker can deposit a negligible amount (e.g., 1 wei) and receive an excessively high number of shares (e.g., 1e8 shares). This disproportionate share allocation can allow the attacker to gain undue influence over the contract.

Tools Used

manual review

Recommendations

Implement a Fixed Initial Share Ratio:
For the first deposit, use a fixed ratio (e.g., 1:1) rather than multiplying the deposit amount by a large constant. This avoids the issue where a minimal deposit grants an inappropriately high number of shares.

• Proportional Share Calculation for Subsequent Deposits:
  For deposits after the initial one, calculate shares proportionally based on the total shares and total deposited amount. This maintains equity among all participants.