Zellic - Audit Reports

Category: Protocol Risks

Vesting admin can manipulate price ratio

High Impact

Critical Severity

Medium Likelihood

Description

The price ratio is the ratio of assets to shares. The following function determines how many assets are in the vault:

function totalAssets() public view override returns (uint256) {
    return super.totalAssets() - getVestingDeposit() + vestedAmount(block.timestamp.toUint64());
}

Since super.totalAssets() includes the vesting deposit, it first subtracts that and then adds the amount of vesting deposit that has vested up until the current timestamp. The vesting admin has the ability to deposit and withdraw funds at any time, but it does not have the ability to change the vesting period.

If the vesting admin deposits or withdraws during the vesting period, the price ratio will immediately increase or decrease, respectively. This is a powerful ability of the vesting admin.

Impact

The aforementioned fact — that the vesting admin can change the price ratio during the vesting period — is problematic even if the vesting admin is not malicious/compromised.

For the remainder of this section, we will use the following variables:

Let $n$ be the number of shares in the vault.
Let $x$ be the total number of assets in the vault, including vesting deposits.

We see at least two impacts of the fact.

1. Vesting admin can drain the vault

After (or during) a vesting period, the vesting admin can completely drain the vault by manipulating the price ratio.

The following steps demonstrate this attack:

Atomically, in one transaction,
- The vesting admin deposits the same number of assets as is in the vault as a normal deposit so that they own half the shares. The new price ratio is $\frac{2 x}{2 n}$ .
- Funding the attack using a flash loan, the vesting admin deposits the same number of assets as is now in the vault ( $x + x$ ) as a vesting deposit, thereby doubling the price ratio. The new price ratio is $\frac{4 x}{2 n}$ .
- The vesting admin initiates redemption for $n$ shares. It locks in the WithdrawRequest that $2 x$ assets will be given to the vesting admin.
- The vesting admin withdraws the vesting deposit of $2 x$ and repays the flash loan. The new price ratio is $\frac{2 x}{2 n}$ .
After the redemption timelock, the vesting admin withdraws $2 x$ assets from their WithdrawRequest. The vault is now drained.

2. Users can cause the vault to become insolvent

Whether done intentionally or not, if the vesting admin withdraws during or after the vesting period — provided at least one user has deposited assets before the vesting admin deposits a vesting deposit — it can cause the vault to become insolvent.

The following steps demonstrate an extreme case of this to prove that insolvency is possible. Toward the end of a vesting period, consider if the following transactions executed in order:

A user deposits the same number of assets as is in the vault ( $x$ ) as a normal deposit so that they own $n$ , which is half of the shares. The new price ratio is $\frac{2 x}{2 n}$ .
The vesting admin deposits the same number of assets as is now in the vault ( $x + x$ ) as a vesting deposit, thereby doubling the price ratio. The new price ratio is $\frac{4 x}{2 n}$ .
Some time passes, and the vesting period is almost over. The user observes step 4 in the mempool and front-runs the transaction to initiate redemption for $n$ shares. It locks in the WithdrawRequest that $2 x$ assets will be given to the vesting admin.
Vesting admin withdraws the vesting deposit of $2 x$ . The new price ratio is $\frac{2 x}{2 n}$ .
After the redemption timelock, the user withdraws $2 x$ assets from their WithdrawRequest. The vault is now drained.

In practice, the vesting admin probably would not have such a large deposit, but the point is still true that vesting withdrawals during the time period lead to insolvency. Step 3 in particular is likely to happen by accident, as a user may want to redeem their shares early to take advantage of the vested earnings.

Recommendations

It is difficult to prevent this. We recommend that the vesting admin should not be able to withdraw vested assets during or after the vesting period.

Another alternative is to disallow the vesting admin from withdrawing when open redemption requests exist, but this enables DOS attacks since a user can create a redemption request and never call redeem.

Finally, a more difficult solution is to entirely separate vesting assets from the vault assets so that vesting deposits and withdrawals do not impact the price ratio.

Remediation

This issue has been acknowledged by Solera Markets, and fixes were implemented in the following PRs: