Skip to content

Latest commit

 

History

History
54 lines (38 loc) · 1.67 KB

032.md

File metadata and controls

54 lines (38 loc) · 1.67 KB

Fast Khaki Raccoon

Medium

DoS of operations in AutoCompoundingPodLp due to not considering the deposit limit

Summary

DoS of operations in AutoCompoundingPodLp due to not considering the deposit limit

Root Cause

Upon operations such as depositing and withdrawing in AutoCompoundingPodLp, we have the following code:

if (IS_PAIRED_LENDING_PAIR) {
                _amountOut = _depositIntoLendingPair(_pairedLpToken, _swapOutputTkn, _amountOut);
            }

Which calls this:

function _depositIntoLendingPair(address _lendingPair, address _pairAsset, uint256 _depositAmt) internal returns (uint256 _shares) {
        IERC20(_pairAsset).safeIncreaseAllowance(address(_lendingPair), _depositAmt);
        _shares = IFraxlendPair(_lendingPair).deposit(_depositAmt, address(this));
    }

However, the code fails to consider the deposit limit in FraxlendPair:

if (depositLimit < _totalAsset.totalAmount(address(0)) + _amount) revert ExceedsDepositLimit();

As the function is called upon all important operations, this will cause a DoS of depositing and withdrawing if the deposit limit is reached and if IS_PAIRED_LENDING_PAIR is true.

Internal Pre-conditions

No response

External Pre-conditions

No response

Attack Path

  1. Rewards are processed for AutoCompoundingPodLp and IS_LENDING_PAIR is true
  2. Upon depositing, we revert as the deposit limit has been reached
  3. Users who try to withdraw will be DoSed for an indefinite amount of time

Impact

DoS of functionalities such as deposits and withdraws

PoC

No response

Mitigation

Check for the deposit limit and if it has been reached, do not deposit