[Lines of code](https://github.com/code-423n4/2023-08-shell/blob/main/src/proteus/EvolvingProteus.sol#L563-L595) # Vulnerability details ## Impact The EvolvingProteus.depositGivenInputAmount function is used to calculate the output amount of LP tokens given an input amount of reserve tokens. The EvolvingProteus.withdrawGivenOutputAmount function is used to calculate the amount of LP tokens that must be burned given an output amount of reserve token. Both above functions will calculate the changed LP token supply proportionately to the change in the utility of the pool. In the function execution of the above two functions (depositGivenInputAmount and withdrawGivenOutputAmount) the _reserveTokenSpecified internal function is called. The _reserveTokenSpecified function is used to compute the changed amount of the LP token supply based on the proportional change of the utility of the pool. The issue here is that after the LP token total supply change calculation, there is no check performed on the token balance reserves and balance reserve ratio. Hence this function does not verify whether the reserve balances are within the valid boundaries once the transaction is performed. Both the EvolvingProteus._swap function and the EvolvingProteus._lpTokenSpecified functions ensure that reserve balances are within valid boundaries once the respective transactions are completed by calling the EvolvingProteus._checkBalances private function. But the _reserveTokenSpecified function does not call on the EvolvingProteus._checkBalances function to verify whether the reserve balances are within the valid boundaries once the transaction is completed. The EvolvingProteus.depositGivenInputAmount transaction will deposit an amount of specified token amount, which could decrease the y.divi(x) (here y is the non-specified token amount and x is the specified token amount deposited) below the MIN_M value (since x is increasing as its getting deposited). Hence the transaction should revert since the reserve token balance ratio is invalid. But the transaction will execute successfully because there is no check performed to identify this issue. Similarly when calling the EvolvingProteus.withdrawGivenOutputAmount transaction, an amount of specified token will be withdrawn from the pool. This will decrease the specified token balance of the pool and could increase the y.divi(x) ratio (since x is the specified token and it is getting decreased thus increasing the ratio) beyond the MAX_M value. Hence the transaction should revert since the reserve token balance ratio is invalid. But the transaction will execute successfully because there is no check performed to identify this issue. Hence it is clear lack of reserve balance checks in the _reserveTokenSpecified function breaks the key invariants related to the reserve token balances and reserve token balance ratio during deposit and withdraw transactions. Hence this breaks key behaviour of the protocol. ## Proof of Concept function _reserveTokenSpecified( SpecifiedToken specifiedToken, int256 specifiedAmount, bool feeDirection, int256 si, int256 xi, int256 yi ) internal view returns (int256 computedAmount) { int256 xf; int256 yf; int256 ui; int256 uf; { // calculating the final price points considering the fee if (specifiedToken == SpecifiedToken.X) { xf = xi + _applyFeeByRounding(specifiedAmount, feeDirection); yf = yi; } else { yf = yi + _applyFeeByRounding(specifiedAmount, feeDirection); xf = xi; } } ui = _getUtility(xi, yi); uf = _getUtility(xf, yf); uint256 result = Math.mulDiv(uint256(uf), uint256(si), uint256(ui)); require(result < INT_MAX); int256 sf = int256(result); // apply fee to the computed amount computedAmount = _applyFeeByRounding(sf - si, feeDirection); } function _checkBalances(int256 x, int256 y) private pure { if (x < MIN_BALANCE || y < MIN_BALANCE) revert BalanceError(x,y); int128 finalBalanceRatio = y.divi(x); if (finalBalanceRatio < MIN_M) revert BoundaryError(x,y); else if (MAX_M <= finalBalanceRatio) revert BoundaryError(x,y); } _checkBalances(xi + specifiedAmount, yi + computedAmount); _checkBalances(xi + computedAmount, yi + specifiedAmount); computedAmount = _applyFeeByRounding(xf - xi, feeDirection); computedAmount = _applyFeeByRounding(yf - yi, feeDirection); ## Tools Used VSCode and Manual Review ## Recommended Mitigation Steps It is recommended to call the EvolvingProteus._checkBalances function with the relevant parameters at the end of the _reserveTokenSpecified function, to verify once the deposit or withdraw transaction is over the reserve balances and reserve balance ratio are within the valid boundaries of the protocol. ## Assessed type Other --- The text was updated successfully, but these errors were encountered: All reactions