The calculateRaacRewards function is vulnerable to a flash loan attack, allowing an attacker to temporarily inflate their deposit, claim a disproportionate share of reward tokens, and exit without any real cost. This exploit can drain a significant portion of the reward pool unfairly.
The function calculates user rewards based on the proportion of deToken held relative to the total supply of deTokens.
An attacker can use a flash loan to temporarily accumulate a large number of deToken, increasing their share of the total supply.
Since the rewards are calculated at the moment of the function call, the attacker receives an unfairly high portion.
The attacker then returns the flash loan, leaving with the rewards while restoring the original total supply.
Example Attack Scenario
Initial State:
totalRewards = 1000 reward tokens
totalDeposits = 1000 deTokens (10 users, each holding 100 deTokens).
Attack Steps:
Attacker flash loans crvUSD.
Attacker deposits the crvUSD into the LendingPool and gets 2000 RTokens (example value).
Attacker deposits the RTokens in the StabilityPool and gets 2000 deTokens, increasing the total supply to 3000.
Attacker now holds 2/3 of the total supply of deTokens.
Function distributes 660 reward tokens (2/3 of 1000) to the attacker.
Attacker returns the flash loan, restoring totalDeposits = 1000.
The attacker walks away with 660 reward tokens unfairly.
Draining of Rewards: The attacker can drain the entire reward pool.
Unfair Reward Distribution: Honest users receive few or no rewards.
Add a time-weighted variable to the reward calculation, so that users who have deposited for longer receive more tokens.
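
A model of the time-weighted accounting recommended above, next to the balance-at-call-time calculation the finding describes, run on the scenario's numbers. This is an added example in Python, not the protocol's Solidity code; the class names, the per-second emission rate and the accumulator design (a cumulative reward-per-deToken counter) are assumptions chosen for illustration.

```python
from fractions import Fraction

class SpotPool:
    """Model of the reported pattern: share = balance / total supply at claim time."""
    def __init__(self, rewards):
        self.rewards, self.balances = Fraction(rewards), {}
    def deposit(self, user, amount, now):
        self.balances[user] = self.balances.get(user, 0) + amount
    def withdraw(self, user, amount, now):
        self.balances[user] -= amount
    def claim(self, user, now):
        # The share is read from the balance at call time; holding period is ignored.
        payout = self.rewards * self.balances[user] / sum(self.balances.values())
        self.rewards -= payout
        return payout

class TimeWeightedPool:
    """Assumed mitigation: rewards accrue per deToken per second held."""
    def __init__(self, rate):
        self.rate, self.acc = Fraction(rate), Fraction(0)  # tokens/sec, reward per deToken
        self.last, self.total = 0, 0
        self.balances, self.paid, self.owed = {}, {}, {}
    def _sync(self, user, now):
        # Settle the accumulator before any balance change, so a new deposit
        # only earns on time that passes after it.
        if self.total:
            self.acc += self.rate * (now - self.last) / self.total
        self.last = now
        earned = self.balances.get(user, 0) * (self.acc - self.paid.get(user, 0))
        self.owed[user] = self.owed.get(user, 0) + earned
        self.paid[user] = self.acc
    def deposit(self, user, amount, now):
        self._sync(user, now)
        self.balances[user] = self.balances.get(user, 0) + amount
        self.total += amount
    def withdraw(self, user, amount, now):
        self._sync(user, now)
        self.balances[user] -= amount
        self.total -= amount
    def claim(self, user, now):
        self._sync(user, now)
        payout, self.owed[user] = self.owed[user], Fraction(0)
        return payout

def same_block_entry(pool, t):
    """Scenario above: 10 users x 100 deTokens from t=0; 2000 enter and leave at time t."""
    for i in range(10):
        pool.deposit(f"user{i}", 100, 0)
    pool.deposit("attacker", 2000, t)
    gain = pool.claim("attacker", t)
    pool.withdraw("attacker", 2000, t)
    return gain, pool.claim("user0", t)
```

With the spot calculation, the depositor who enters and claims at the same timestamp receives 2000/3 of the 1000 reward tokens and an honest holder is left with 100/3. With the accumulator, the same sequence earns 0 and the long-standing holder still receives 100.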