Lines of code

Vulnerability details

This one is caused by mitigation to issue M-05

Impact

Early issuer can issue less than one wad (e.g. 9e17 wei) and send it to the Furnace contract, then whenever anyone is trying to issue more RTokens melt() would be called, since there’s less than 1 wad in total supply melt would revert, reverting the issuance.
This would totally disable the option to issue.

Proof of Concept

• After a single period passes, the amount to melt would be greater than zero
  • Given that reward ratio is at least 1e-9, that can easily be achieved even with a balance of 1e9
• The supply is less than 1e18, therefore melting would revert
• If melting reverts, than issuance reverts too.
• It’s not possible to melt till we issue more tokens
• It’s also not possible to issue till we can melt without reverting
• Deadlock situation successfully achieved

Recommended Mitigation Steps

Remove the restriction that doesn’t allow melting and replace it with not allowing anybody but Furnace to melt.
Alternatively, don’t melt during issuance if total supply is less than some threshold (e.g. 10 wad), or don’t melt if supply - balanceOf(furnace) is less than 1 wad.

The text was updated successfully, but these errors were encountered:

All reactions