Light
DarkOne Bug Per Day
One H/M every day from top Wardens
Join over 1125 wardens!
Receive the email at any hour!
Long term denial of service due to lack of fees in Well
mediumLines of code
Vulnerability details
Description
The Well allows users to permissionless swap assets or add and remove liquidity. Users specify the intended slippage in swapFrom, in minAmountOut.
The ConstantProduct2 implementation ensures Kend - Kstart >= 0, where K = Reserve1 * Reserve2, and the delta should only be due to tiny precision errors.
Furthermore, the Well does not impose any fees to its users. This means that all conditions hold for a successful DOS of any swap transactions.
- Token cost of sandwiching swaps is zero (no fees) - only gas cost
- Price updates are instantenous through the billion dollar formula.
- Swap transactions along with the max slippage can be viewed in the mempool
Note that such DOS attacks have serious adverse effects both on the protocol and the users. Protocol will use users due to disfunctional interactions. On the other side, users may opt to increment the max slippage in order for the TX to go through, which can be directly abused by the same MEV bots that could be performing the DOS.
Impact
All swaps can be reverted at very little cost.
POC
- Evil bot sees swap TX, slippage=S
- Bot submits a flashbot bundle, with the following TXs
- Swap TX in the same direction as victim, to bump slippage above S
- Victim TX, which will revert
- Swap TX in the opposite direction and velocity to TX (1). Because of the constant product formula, all tokens will be restored to the attacker.
Tools Used
Manual audit
Recommended Mitigation Steps
Fees solve the problem described by making it too costly for attackers to DOS swaps. If DOS does takes place, liquidity providers are profiting a high APY to offset the inconvenience caused, and attract greater liquidity.
Assessed type
DoS