Skip to main content
This is a fairly simple bug that let anyone mint rewardTokens. Background: https://x.com/storming0x/status/1473321779250802693

What Happened

  • The deposit function lets anyone mint rewardTokens if
    • the from address is a contract and has an owner and where msg.sender == owner
  • It is intended that the from address sends the underlying token to this contract
    • But it does not check whether delegatedTransferERC20 is implemented correctly
    • it can be a noop
  • The attacker can mint rewardTokens to himself

Assertion Pattern

While this is an obvious bug, an invariant could have prevented an exploit of the bug. Invariant:
Alternatively, the assertion could test the correct behavior of the previous transaction. The assertion could be triggered by a call to the deposit function.