-
Notifications
You must be signed in to change notification settings - Fork 41
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[swaps] Check Balancer security audit #485
Comments
2, 4, 5, 6 , 7 seem to be EVM-only problems or based on Balancer's concept of a non-finalized pool. |
3 is resolved in Balancer and Zeitgeist |
1 is also based on Balancer's "controller" address and non-finalized pools. Note that this vulnerability is not related to #496. |
Regarding 8, the report later states (p. 44):
Not sure what "reaching zero" refers to, or what zero division errors this is refering to, but we have a check that ensures that Furthermore, the report states on the same page:
This checks out. Rounding errors can also be "exploited" to withdraw more liquidity from the pool than you own, but even in pools with extremely large liquidity, these "profit" is well below the required amount of transaction fees. Finally, the report suggests the following long-term solution on p. 27:
I agree. I don't see the use case for exact amount-out. On the other hand, this issue displays a conceptual security issue associated with exact amount-out extrinsics. |
Regarding 10, see the comments above. To elaborate on the scope of this issue, in a pool with |
9 deals with small token balances, and kind of highlights why it's important to 1) require a sufficiently large amount of minimum liquidity and 2) ensure that no balance in the pool gets drained close to zero (using a in/out limit of, say, 30%). As in the case of 8 and 10, this is a matter of scale. Given our existential balance of 1 cent, this seems unproblematic to me. |
Regarding 12, I've raised this issue: zeitgeistpm/documentation#37 |
15 seems to be lacking detail. I can't say I see the issue here. |
14 doesn't seem to pertain to our implementation. Should our pools have a maximum balance? |
13 is fixed in Balancer and seems to have been cause by letting the controller specify the amount of pool tokens to be minted when finalizing the pool. None of this plays a role in our code. |
11 - doesn't seem possible to do this attack thanks to in/out ratios. |
balancer.fi published a security audit for Balancer v1: https://github.com/balancer-labs/balancer-core/blob/master/Trail%20of%20Bits%20Full%20Audit.pdf
We should review which of these findings apply to our implementation of Balancer pools.
The text was updated successfully, but these errors were encountered: