VAD37 - UniswapV3 Tick Position Used to Manipulate USSD/DAI Pool Price

[sherlock-admin]

VAD37

high

UniswapV3 Tick Position Used to Manipulate USSD/DAI Pool Price

Summary

USSDRebalancer.sol is designed to maintain a USSD/DAI price at $1.
However, the method it employs, which involves determining the number of tokens to swap based on the balance difference between USSD and DAI in the UniswapPool USSD/DAI, is flawed and exploitable.

In addition to the previously reported vulnerability to a Uniswap flashloan exploit, which relies on token.balanceOf() in getSupplyProportion(), there's another exploit that doesn't rely on token.balanceOf().

This involves creating a UniswapV3 Position with only one token, artificially inflating the amount of DAI tokens inside the USSD/DAI pool. This forces USSDRebalancer.sol to swap a substantial quantity of tokens while the price remains at $1, leading to price manipulation and USSD balance overshooting DAI balance when the exploiter exits their UniswapV3 Position.

Vulnerability Detail

An exploiter can buy/sell DAI tokens to the USSD/DAI pool, misleading getOwnValuation() and consequently enabling rebalance() to call the SellUSSDBuyCollateral() function.
The exploiter then creates a huge UniswapV3 position with only DAI tokens, setting lowerTick and upperTick values close to the maximum. This inflates the amount of DAI tokens in the pool without altering the swap price.

In response, USSDRebalancer.rebalance() perceives a large amount of DAI tokens in the pool and initiates a buy action for DAI tokens from the pool, using newly minted USSD tokens.

The swap amount derives from the standard position created by the developer, where the price ranges from tick -880000 to 880000 tick. The exploiter's tick position is 887272, close to infinity, remains untouched during this swap.

This process causes the price to deviate from the $1 equilibrium as the tick price shifts.

After the exploiter exits their position, incurring a small loss on the DAI token position, they can acquire USSD tokens cheaply due to the depegged price.
Upon calling rebalance() again, the price reverts back to $1, and the exploiter can sell the cheaply acquired tokens for a profit.

Impact

An exploiter can utilize the UniswapV3 tick position to artificially inflate the number of USSD tokens in the USSD/DAI pool, beyond the total DAI tokens. This enables them to buy/sell tokens for profit.

Code Snippet

https://github.com/sherlock-audit/2023-05-USSD/blob/main/ussd-contracts/contracts/USSDRebalancer.sol#L104-L105
https://github.com/Uniswap/v3-core/blob/6562c52e8f75f0c10f9deaf44861847585fc8129/contracts/UniswapV3Pool.sol#L464-L479

Tool used

Manual Review

Recommendation

To avoid such exploitation, it's advisable to limit access to the rebalance() function, thereby preventing unauthorized users from manipulating it.

Duplicate of #451