VaultFactory.sol - reorg possibility upon Vault creation #69
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
duplicate-416
satisfactory
satisfies C4 submission criteria; eligible for awards
Comments
code423n4
added
2 (Med Risk)
|
Picodes marked the issue as duplicate of #416 |
|
Picodes marked the issue as satisfactory |
c4-judge
added
the
satisfactory
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Lines of code
https://github.com/GenerationSoftware/pt-v5-vault/blob/b1deb5d494c25f885c34c83f014c8a855c5e2749/src/VaultFactory.sol#L55-L86
Vulnerability details
Description
The
VaultFactoryis a simple contract allowing users to create their own Vaults, by passing the needed parameters. These new Vaults usecreateand since the protocol will be run on multiple chains, it is susceptible to reorgs.Impact
Vaults not being deployed correctly, malicious actors overtaking ownership of new Vaults.
Proof of Concept
https://polygonscan.com/blocks_forked
Example of the great amounts of reorgs occuring on Polygon
Fraud blocks on Optimism can also lead to reorgs.
Tools Used
Manual Review
Recommended Mitigation Steps
Use the
create2to create vaults and provide all of the constructor data + salt + msg.senderAssessed type
Timing
The text was updated successfully, but these errors were encountered: