PoolTogether - Mitigation Review
A protocol for no-loss prize savings.
- Start date21 Aug 2023
- End date29 Aug 2023
- Total awards$27,150 USDC
- Duration8 days
- Details
PoolTogether - Mitigation Review details
- Total Prize Pool: $27,150 USDC
- Warden guidelines for C4 mitigation reviews
- Submit findings using the C4 form
- Starts August 21, 2023 20:00 UTC
- Ends August 29, 2023 20:00 UTC
Important note
Each warden must submit a mitigation review for every High and Medium finding from the parent audit that is listed as in-scope for the mitigation review. Incomplete mitigation reviews will not be eligible for awards.
Findings being mitigated
Mitigations of all High and Medium issues will be considered in-scope and listed here.
- H-01: The _currentExchangeRate of the Vault contract can't increase, and always be lower than or equal to _assetUnit
- H-02: Malicious user can steal other user's deposits from Vault.sol
- H-03: _amountOut is representing assets and shares at the same time in the liquidate function
- H-04: Vault.mintYieldFee FUNCTION CAN BE CALLED BY ANYONE TO MINT Vault Shares TO ANY RECIPIENT ADDRESS
- H-05: Delegated amounts can be forcefully removed from anyone in the TwabController
- H-06: Resetting delegation will result in user funds being lost forever
- H-07: _requireVaultCollateralized() is called at the beginning of the functions mintYieldFee() and liquidate()
- H-08: Increasing reserves breaks PrizePool accounting
- H-09: Vault is not compatible with some erc4626 vaults
- M-02: Unintended or Malicious Use of Prize Winners' Hooks
- M-03: TwabLib::getTwabBetween can return innacurate balances if _startTime and _endTime aren't safely bounded
- M-04: deposit function does not check for the maxMint amount.
- M-05: Balance invariant between individual and total twabs can be broken
- M-06: drawManager CAN BE SET TO A MALICIOUS ADDRESS
- M-07: In important libraries of PoolTogether, the pow() function of PRBMath is used, which exhibits inconsistent return values
- M-08: Attacker can frontrun deployVault to deploy at the same address
- M-09: High Prizes might not be claimed
- M-10: PrizePool -> Winners wouldn't be able to claim prize correctly in claimPrize function
- M-11: Vault.mintWithPermit() can be DOSed
- M-12: Tier odds in TieredLiquidityDistributor are incorrect
- M-13: Users can manipulate observation creation
- M-14: Number of prize tiers always increases if just 1 canary prize is claimed
- M-15: Tiers can be mantained active to give unfair advantage to user through DoS
- M-16: Threshold check for adding of new tiers is skipped when _nextNumberOfTiers is at the maximum
- M-18: Exchange Rate Change in Case of Lossy Strategy will cause the Vault to Undercollateralized for generic ERC4626 Yield Vaults
- M-19: Silent overflow could alter computation when calculating the vaultPortion in the PrizePool contract
- M-20: Improper handling of cases when withdrawable assets = 0
- M-21: Vault contribution calculations wrongly include the current round when claiming prizes
- M-22: Loss of precision leads to undercollateralized
- M-23: Vault does not conform to ERC4626
- M-24: Claimer.claimPrizes can be frontrunned in order to make losses for the claim bot
- M-25: depositWithPermit and mintWithPermit are allowed to be called by permit creator only
- M-26: Transfer of Vault tokens can cause accounting errors in other contracts
- M-27: Inconsistent behavior for canary claims in claimer
Overview of changes
- Twab Controller now checks query timestamps for safety. When requesting a twab, timestamps:
- are required to be finalized; i.e. cannot occur during an overwrite period
- are aligned to period boundaries.
- Tier adjustment algorithm
- The canary tier has been simplified, so that the prize size is adjusted instead of the number of prizes. Now the unified claim count across normal + canary tiers is used to determine the next number of tiers.
- Vault exchange rate
- The Vault now assumes shares are 1:1 with underlying assets, unless the vault is undercollateralized. No exchange rate is stored.
Mitigations to be reviewed
Branch
(all PRs have been merged into main)
Individual PRs
| URL | Mitigation of | Purpose |
|---|---|---|
| VAULT-PR-13 | H-01 | The issue turned out not to be the case; the exchange rate is always <= 1 (yield is liquidated). However, comments were added to clarify the behaviour |
| VAULT-PR-9 | H-02 | Added SafeCast |
| VAULT-PR-6 | H-03 | Fixed conversion and naming of field |
| VAULT-PR-7 | H-04 | Removed recipient param |
| VAULT-PR-19 | H-05 | Removed recipient param |
| TWAB-PR-7 | H-06 | Added check for zero address |
| VAULT-PR-13 | H-07 | Fixed check for partial collateralization |
| PRIZE-PR-18 | H-08 | Fixed reserve accounting |
| VAULT-PR-37 | H-09 | Fixed undercollateralized redemption while providing an exit |
| VAULT-PR-21 | M-02 | Added hook gas limits and error handling |
| TWAB-PR-5 | M-03 | Ensure search timestamps are on or at period end timestamps |
| VAULT-PR-11 | M-04 | Fixed 4626 compliance |
| TWAB-PR-6 | M-05 | Reject transfers to the sponsorship address |
| PRIZE-PR-31 | M-06 | Record deployer and permission draw manager |
| PRIZE-COMMIT-ba56ea8b | M-07 | Upgrade PRBMath to v4 and Solidity to 0.8.19 |
| VAULT-PR-25 | M-08 | Used CREATE2 for VaultFactory |
| CLAIMER-PR-7 | M-09 | Made max fee a function of the tier's prize size, not the smallest prize size |
| PRIZE-PR-16 | M-10 | Improved handling of prize size overflow |
| VAULT-PR-15 | M-11 | Removed mintWithPermit |
| PRIZE-PR-24 | M-12 | Recomputed Tier odds, reduced number of tiers, made grand prize period draws configurable |
| TWAB-PR-5 | M-13 | Aligned twab queries on period boundaries |
| PRIZE-PR-17 | M-14 | Superseceded by the simplification of tier expansion logic |
| PRIZE-PR-17 | M-15 | Improved tier shrinking, retention, and expansion logic |
| PRIZE-PR-17 | M-16 | Simplified tier expansion logic |
| VAULT-PR-27 | M-18 | Redeemed underlying liquidity using shares, not assets directly. This socializes losses, if any. |
| PRIZE-PR-22 | M-19 | Added SafeCast |
| VAULT-PR-17 | M-20 | Vault shares are now 1:1 with underlying asset, and the exchange logic has been simplified |
| PRIZE-PR-10 | M-21 | Draw query ends on closed draw |
| VAULT-PR-18 | M-22 | Improved vault share / asset calculation |
| VAULT-PR-11 | M-23 | Fixed compliance with 4626 |
| CLAIMER-PR-8 VAULT-PR-22 PRIZE-PR-23 | M-24 | Added minVrgdaFee and allowed silent failure of claims |
| VAULT-PR-20 | M-25 | Fixed permit implementations |
| VAULT-PR-9 | M-26 | Added SafeCast |
| PRIZE-PR-17 | M-27 | Unified standard and canary tier |