Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
code423n4Code4renaCODE423N4:2023-11-KELP-FINDINGS-ISSUES-869
HistoryNov 15, 2023 - 12:00 a.m.

Potential arbitrage opportunity

2023-11-1500:00:00
Code4rena
github.com
1
arbitrage
vulnerability
lrtdepositpool
pricing feed
amms
flashloans
protocol funds

AI Score

7

Confidence

Low

JSON

Lines of code

Vulnerability details

Impact

According to the logic of the protocol (<https://blog.kelpdao.xyz/exploring-a-new-defi-primitive-liquid-restaked-token-lrt-ed0a8f63a4e2&gt;), minted tokens can be swapped on AMMs. This is a serious problem as prices on AMMs follow a bonding curve that are independent from the Chainlink pricing feed. This will create arbitrage opportunities for hackers to profit using the price difference to mint the LRT token on LRTDepositPool (that uses chainlink for pricing) and the price to swap on external AMMs. Furthermore, depending on which AMMs, prices in these AMMs could be manipulated with flashloans.

The end result would be the protocol funds being drained.

#Proof of Concept:

Restakers can swap their LRT tokens for other tokens on AMMs or choose to redeem underlying assets through LRT contracts.

Tools Used

Manual review.

Recommended Mitigation Steps

Do not use external AMMs to redeem as the prices are not the same as those returned by chainlink.

Assessed type

Other

The text was updated successfully, but these errors were encountered:

All reactions

AI Score

7

Confidence

Low

JSON