Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nikhilx0111 - incorrect assumption can be problematic #214

Open
sherlock-admin4 opened this issue Nov 13, 2024 · 0 comments
Open

nikhilx0111 - incorrect assumption can be problematic #214

sherlock-admin4 opened this issue Nov 13, 2024 · 0 comments

Comments

@sherlock-admin4
Copy link

sherlock-admin4 commented Nov 13, 2024
edited by sherlock-admin3
Loading

nikhilx0111

High

incorrect assumption can be problematic

Summary

This part of the code is inside the swap function, which is responsible for handling both DeFi and stablecoin swaps.

            uint256 iBalance = ERC20(ss.origin).balanceOf(wallet);
            if (defi.walletData.length != 0) _defiSwap(wallet, defi);
            uint256 fBalance = ERC20(ss.origin).balanceOf(wallet);
            //change balance to reflect change
            if (fBalance - iBalance != 0) ss.oAmount = fBalance - iBalance;

this line captures the initial balance of the user's ss.origin token (the token the user is going to swap from) before any operation happens. It does this by calling the balanceOf function

        if (defi.walletData.length != 0) _defiSwap(wallet, defi);

If there is a DeFi swap, the function _defiSwap(wallet, defi) is called

        uint256 fBalance = ERC20(ss.origin).balanceOf(wallet);

After performing the DeFi swap this line captures the final balance of ss.origin token after the swap. The idea is to check how the balance has changed as a result of the operation

        if (fBalance - iBalance != 0) ss.oAmount = fBalance - iBalance;

This line calculates the difference between the final balance (fBalance) and the initial balance (iBalance). This difference represents the amount of tokens spent or received due to the DeFi swap

         if (fBalance - iBalance != 0) ss.oAmount = fBalance - iBalance;

If the balance has changed (i.e., fBalance - iBalance != 0), it adjusts the amount. The oAmount represents the current balance of the wallet however the code assumes that fbalance (received amount) which can be wronf and if the initial balance every exceeds this code will fail to capture the users balance

Root Cause

https://github.com/sherlock-audit/2024-11-telcoin/blob/b9c751b59e78a7123a636e31ecafc9147046f190/telcoin-audit/contracts/swap/AmirX.sol#L93

Internal pre-conditions

balance exceeds received amount

External pre-conditions

No response

Attack Path

No response

Impact

loss of funds for users if balance ever exceeds received amount as the code will fail to capture the latest balance

PoC

No response

Mitigation

remove the check check if the amount received is more than initial balance
@sherlock-admin3 sherlock-admin3 changed the title Brave Gingham Orangutan - incorrect assumption can be problematic nikhilx0111 - incorrect assumption can be problematic Nov 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sherlock-admin4