Core Contracts

Regnum Aurum Acquisition Corp

HardhatReal World AssetsNFT

77,280 USDC

View results

Previous Next

Submission Details

Severity: high

Invalid

Attacker can reduce the amount of debt token minted to him

0xgh0st

Summary

When borrowers who have already taken a loan attempt to borrow additional debt tokens, the protocol issues them a balanceIncrease. However, the protocol currently determines whether a borrower is existing solely by checking their balanceOf() debt token balance. This check is insecure because attackers can manipulate their balance by transferring tokens to another wallet to falsely appear as a new borrower.

Vulnerability Details

The protocol initiates debt token minting by checking if a user is borrowing for the first time via their debt token balance balanceOf(onBehalfOf). However, this mechanism is flawed because attackers can transfer all their debt tokens to another wallet prior to borrowing again. This resets their balance to zero, allowing them to bypass borrower status checks and illegitimately receive first-time borrower benefits

function mint(

address user,

address onBehalfOf,

uint256 amount,

uint256 index

) external override onlyReservePool returns (bool, uint256, uint256) {

if (user == address(0) || onBehalfOf == address(0)) revert InvalidAddress();

if (amount == 0) {

return (false, 0, totalSupply());

}

uint256 amountScaled = amount.rayDiv(index);

if (amountScaled == 0) revert InvalidAmount();

uint256 scaledBalance = balanceOf(onBehalfOf); <@ audit

bool isFirstMint = scaledBalance == 0;

uint256 balanceIncrease = 0;

if (_userState[onBehalfOf].index != 0 && _userState[onBehalfOf].index < index) {

balanceIncrease = scaledBalance.rayMul(index) - scaledBalance.rayMul(_userState[onBehalfOf].index); <@ audit

}

_userState[onBehalfOf].index = index.toUint128();

uint256 amountToMint = amount + balanceIncrease; <@ audit

_mint(onBehalfOf, amountToMint.toUint128());

emit Transfer(address(0), onBehalfOf, amountToMint);

emit Mint(user, onBehalfOf, amountToMint, balanceIncrease, index);

return (scaledBalance == 0, amountToMint, totalSupply());

}

Impact

As a result, attackers can avoid incurring the balanceIncrease by transferring their debt tokens to another wallet, effectively resetting their balance and appearing as a new borrower.

Tools Used

Manual audit

Recommendations

The preferable method is to track user debt via a state variable instead of relying on token balances.

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago

Submission Judgement Published

Invalidated

Reason: Incorrect statement

inallhonesty Lead Judge 4 months ago

Submission Judgement Published

Invalidated

Reason: Incorrect statement

Prize pool breakdown

Total prize

77,280 USDC

nSLOC

3,864

20 USDC / LOC

High Medium

74,000

Low

3,280

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.