Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

y4y - The protocol is not compatible with abstract wallets #13

Closed
sherlock-admin2 opened this issue Sep 9, 2024 · 0 comments
Closed

y4y - The protocol is not compatible with abstract wallets #13

sherlock-admin2 opened this issue Sep 9, 2024 · 0 comments
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A Medium severity issue. Reward A payout will be made for this issue

Comments

@sherlock-admin2
Copy link
Contributor

sherlock-admin2 commented Sep 9, 2024
edited by sherlock-admin3
Loading

y4y

High

The protocol is not compatible with abstract wallets

Summary

Abstract wallet users will not be able to work with the protocol due to tx.origin.

Root Cause

The protocol has api.vy as an entry point, and other contracts strictly limit only api.vy or core.vy to call functions, whereas most functions in core.vy can only be called by api.vy contract. So the protocol uses tx.origin as a way to replace msg.sender, the following example is from core::mint:

@external
def mint(
  id          : uint256,
  base_token  : address,
  quote_token : address,
  lp_token    : address,
  base_amt    : uint256,
  quote_amt   : uint256,
  ctx         : Ctx) -> uint256:

  self._INTERNAL()

  user        : address   = tx.origin
  total_supply: uint256   = ERC20(lp_token).totalSupply()
  pool        : PoolState = self.POOLS.lookup(id)
  lp_amt      : uint256   = self.POOLS.calc_mint(id, base_amt, quote_amt, total_supply, ctx)

  assert pool.base_token  == base_token , ERR_PRECONDITIONS
  assert pool.quote_token == quote_token, ERR_PRECONDITIONS
  assert pool.lp_token    == lp_token   , ERR_PRECONDITIONS
  assert base_amt > 0 or quote_amt > 0  , ERR_PRECONDITIONS
  assert lp_amt > 0                     , ERR_PRECONDITIONS

  assert ERC20(base_token).transferFrom(user, self, base_amt, default_return_value=True), "ERR_ERC20"
  assert ERC20(quote_token).transferFrom(user, self, quote_amt, default_return_value=True), "ERR_ERC20"
  assert ERC20Plus(lp_token).mint(user, lp_amt), "ERR_ERC20"

  self.POOLS.mint(id, base_amt, quote_amt)
  self.FEES.update(id)

  self.INVARIANTS(id, base_token, quote_token)

  log Mint(user, ctx, pool, total_supply, lp_amt, base_amt, quote_amt)

  return lp_amt

For most cases, it works fine, as tx.origin will also be msg.sender to the API contract, but for abstract wallets, as it's essentially a contract, tx.origin will go back to the very origin of the transaction, and it will not be the wallet address. This makes abstract wallet users unable to interact with the pool.

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

Abstract wallet users will not be able to interact with the protocol.

PoC

No response

Mitigation

Add a account argument to the parameter, and sets this value to msg.sender in the API contract, and pass it on to the CORE contract.

Duplicate of #82
@github-actions github-actions bot added Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A Medium severity issue. labels Sep 11, 2024
@sherlock-admin3 sherlock-admin3 changed the title Dry Khaki Locust - The protocol is not compatible with abstract wallets y4y - The protocol is not compatible with abstract wallets Sep 11, 2024
@sherlock-admin3 sherlock-admin3 added the Reward A payout will be made for this issue label Sep 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A Medium severity issue. Reward A payout will be made for this issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sherlock-admin2 @sherlock-admin3