-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
supply and withdraw method lacks slippage mechanism #95
Comments
alex-ppg marked the issue as selected for report |
alex-ppg marked the issue as satisfactory |
The Warden has demonstrated how the Predy Pool does not impose any user-supplied slippage checks on its supply and withdrawal functions. Slippage checks in the supply function are meaningless (as proven by protocols such as Uniswap V3 not permitting slippage checks on the minted LP position amount) given that the evaluation of a share relies on on-chain conditions that may have changed between a transaction's submission and a transaction's execution in the network. As such, submissions #269 and #223 which solely detail slippage checks in this function have been assigned no reward. Slippage checks in the withdrawal function, however, are crucial given that a user wishes to make a withdrawal based on an evaluation of the collateral-per-share that may no longer hold true when the withdrawal is performed, similar to how Uniswap V3 permits slippage checks on the amounts withdrawn from an LP position. As such, this aspect of each submission in this duplicate set is correct and a severity rating of medium-risk is appropriate. |
@alex-ppg , since the protocol said "Front-running through insufficient slippage is OOS" shouldn't this be OOS like the other one's |
Hey @alex-ppg, maybe I'm missing something here, but I don't think the slippage in supply/withdraw is required in Predy. Let's first see the use case described in this issue.
This is simply incorrect, because user B depositing a large number of assets will NOT increase Since This is different than uniswap LP mint/burn because the amount of LP/tokens that a user can get is related to the slot0 price of uniswap, which is manipulatable, and user may lose funds because of it. However, in this case, |
Hi @alex-ppg, From my perspective this issue is invalid. The It functions similarly to the It does not affect the amount a user can supply or withdraw. So at the end what user can withdraw is always equal the amount he supply + extra from collected fees, and there is no option to manipulate his earned fees per tokens supplied. |
Calling
Let me quote your issue here #113.
All of your analysis is correct, bond tokens (amount of minted shares) decrease. However, since assetScaler increases, the total asset that the shares corresponds to does not change, since |
When supplying and withdrawing tokens, slippage is not necessary because the user flow is simple: if you supply 10 tokenA, you will receive 10 shares of tokenA. When withdrawing, the user simply provides shares of the token and receives fees based on the amount of shares they hold of tokenA. There is no need for slippage, and also an oracle is not required to calculate the tokens. This issue seems invalid from my perspective. Thanks @alex-ppg for judging I appreciate your work. |
Hey @Saptarshi1010, @pkqs90, @NishithPat, @0xklapouchy, and @0xAbhay; I appreciate everyone's diligent contributions to the PJQA stage! The issue details how slippage can not even be defined, so it is still in scope. Thanks for your feedback! It is possible to receive less funds than expected from the withdrawal function even if the This conversion can directly result in loss of funds albeit of a lower degree than expected. When supplying tokens, slippage is never required as I detailed in my response, and is generally accepted. When withdrawing, a maximum loss of In light of this new analysis, a QA risk level is better suited that aligns with the Sponsor's confirmation (i.e. it is a valid issue) but would render it ineligible for an HM reward. The value of bond tokens is nondeterminate and dynamic. As long as a withdrawal would result in the same amount of underlying tokens if performed after the supply operation, slippage is redundant in such a case. As mentioned above to @pkqs90, the withdrawal might result in fewer funds than expected which differs from other DeFi protocols. See above. ConclusionThe issue will be downgraded to a QA-level risk as I do not envision an HM-level risk to arise from the lack of slippage. The value extracted cannot be manipulated in a negative direction, and the maximum truncation impact is recoverable (i.e. the underlying bond tokens will not be lost). |
alex-ppg changed the severity to QA (Quality Assurance) |
alex-ppg marked the issue as grade-c |
@alex-ppg @pkqs90
Conclusion
This is what slippage protection tries to prevent. Due to A's supply transaction, another user, B, made a profit, and the initial user A will pay gas fees and have a suboptimal total portfolio. To prevent this, we need slippage protection. PS: Please correct me if I'm wrong |
Hey @Tri-pathi, thank you for your contribution. I strongly advise you to adhere to PJQA guidelines so as to avoid risking your SR role. The scenario outlined is incorrect because it assumes a fixed price per unit of the bond token. The tokens User A expected have been reduced, however, their underlying value has remained the same meaning that no negative impact has affected the user. The tokens User B will receive when withdrawing will be the same as they deposited as the asset scaler is proportionately increased to ensure the same bond-to-token ratio is maintained. Similarly, LP positions on Uniswap do not impose any slippage on the LP units minted because their value fluctuates and they will never be less than what the user deposited. Whether a user receives 10 LP units of the USDC/WETH pair or 5 LP units is irrelevant as they can issue a withdrawal and acquire the same tokens they deposited back. The revised ruling will remain in effect and no further feedback is expected for this submission. |
Lines of code
https://github.com/code-423n4/2024-05-predy/blob/main/src/PredyPool.sol#L237
https://github.com/code-423n4/2024-05-predy/blob/main/src/PredyPool.sol#L222
Vulnerability details
Impact
The lack of a slippage mechanism in supply and withdraw functions could result in bad trade
Proof of Concept
In the
PredyPool
contract, bothsupply
andwithdraw
methods lack a slippage mechanism, which can lead to unfavorable trades for users.Here’s how the lack of slippage can be exploited:
User A wants to supply 100,000,000 USDC and expects a corresponding number of bond shares. However, User's B supply tx executed before User A's supply transaction and deposit a large number of assets, which will significantly increase
tokenState.assetScaler
and decrease the number of bond shares for User A. AstokenState.assetScale
increase based on the utilization i.e deposit , withdrawal and trade and inversely proportional to bond shares wrt supplied assetA similar scenario can occur during withdrawals.
Slippage is a crucial parameter when adding or withdrawing assets from such vaults/pools to protect users from these kinds of attacks/losses
Tools Used
Manual
Recommended Mitigation Steps
Add a mechanism to specify the expected number of bond shares a lender expects from supplying assets, and similarly, the expected amount of assets from a withdrawal. This will protect users from significant changes in the
tokenState.assetScaler
due to front-running or other manipulations.Assessed type
Other
The text was updated successfully, but these errors were encountered: