
060.md


Small Shamrock Rook

Medium

Invariant violation leading to DoS'd borrows

Summary

See 'Root Cause'

Root Cause

The contest README states the following invariant:

Protocol cannot lend when CF_liquid < 20%, where CF_liquid = rETH_vault / synthetic_rETHdebt.

However, the code uses 200% mistakenly:

    uint public cf_liquid_warning = 2000; // 200%

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

In getMaxBorrow(), the synthValueWithCF will be calculated to be much higher than what it should be. This causes getMaxBorrow() to return 0, causing a DoS for borrowing.

PoC

No response

Mitigation

No response