Transfer invariant can be broken #613
Labels
3 (High Risk)
Assets can be stolen/lost/compromised directly
bug
Something isn't working
duplicate-256
partial-50
Incomplete articulation of vulnerability; eligible for partial credit only (50%)
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
upgraded by judge
Original issue severity upgraded from QA/Gas by judge
Lines of code
https://github.com/code-423n4/2023-11-panoptic/blob/aa86461c9d6e60ef75ed5a1fe36a748b952c8666/contracts/SemiFungiblePositionManager.sol#L621
Vulnerability details
Impact
The protocol has an invariant that if someone wants to transfer SFPM-tokens of a certain ID to someone else, they have to send all tokens of that ID that they possess. The checks for this invariant are insufficient.
Proof of Concept
The
registerTokenTransfer
function performs the following check:The check to validate that all balance is transferred is insufficient. An example:
s_accountLiq[from]
will be 0-200 (0 left, 200 right). He gets minted 200 tokens (say tokenId 1 for simplicity)s_accountLiq[from]
will be 100-100. He gets minted 100 tokens with (with tokenId 2)fromLiq.rightSlot() == liquidityChunk.liquidity()
passes, even though he owns 200 tokens with tokenId 1Tools Used
Manual review
Recommended Mitigation Steps
One approach would be to disallow sending tokens where any of its legs has removed liquidity (where
leftSlot() != 0
). Though this may be more restrictive than the intended design.Assessed type
Other
The text was updated successfully, but these errors were encountered: