Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Nukem Loans>High findings>Centralized pricing arbitrage
GeneralOverview
Findings
Critical (3)
High (3)Centralized pricing arbitrageSlippage is set to zero during swapEIP-712 fork replayable signature
Medium (2)
Low (1)
DiscussionInitializer called in constructorBorrowing on behalf of the Market contractPotential storage-collision issueSaferERC20 additional checksEIP-712 implementationMarket setters should only be called onceUtilizing eth-brownie for testingCentralizationAMM oracle pricing
Threat ModelWhat are threat models?AbstractSwapper.solAuctions.solCollateral.solCredit.solDebt.solEIP712.solERC20Base.solERC20Permit.solEnFi4626.solLendingStrategy.solMarket.solProxyManager.solRoles.solSaferERC20.solUniswapV2Swapper.sol
Audit ResultsSummary
Category: Business Logic

Centralized pricing arbitrage

High Severity
High Impact
High Likelihood

Description

As the protocol uses a combination of automated market maker (AMM) oracles and centralized prices provided in signatures, an arbitrage opportunity may exist that will result in the drainage of pools.

    function borrow(...) public virtual returns (uint256 debt_shares) {
        require(
            checkSignature(authorizer, market, price, deadline, v, r, s),
            "invalid.signature"
        );

        require(authorizer == _owner, "authorizer");
        require(market == address(this), "market");
        require(deadline >= block.timestamp, "expired");

        // protect against price manipulation
        require(validatePrice(price, amount), "invalid.price");
        debt_shares = _debt.withdraw(amount, receiver, owner);
    }
}

The signatures have a deadline of five minutes and can be constantly polled from off-chain components. A malicious user could continuously poll these signatures, waiting for the increase in price of those tokens, and exploit the price difference between the signed price five minutes ago and the current market price.

If the price goes up substantially relative to the price in the signature five minutes ago, there may be an edge case where a user can actually borrow more capital than the price of their collateral.

For markets that have high collateralization ratio, this can be especially risky because in addition to that, AMM oracles can be manipulated to a certain extent (limited by validatePrice) in the protocol.

Impact

For some market configurations that have have a 90% collateralization rate and 95% liquidation rate, the delta allowed for the underlying AMM is ~5%. A malicious user constantly polling for signatures would have to wait for one instance of such a price movement in the market in order to execute such an arbitrage.

Recommendations

With the current architecture, such attacks will always be possible in case of drastic price movements in the five-minute period. However, the goal here is to make this unlikely, by reducing either maximum collateralization rates or reducing the deadline time period such that the required price movement is almost impossible in the time period.

Remediation

The Nukem team agreed with this finding and decided to lower collateralization rates in existing market configurations. The team plans to add additional mitigations in a future update.

Zellic © 2023Back to top ↑