prevent griefing where attacker front-runs dust transfer to trigger E_ZeroShares

hoytech · hoytech · commit b3dfd8548c85 · 2025-02-25T12:11:52.000-05:00
diff --git a/src/EulerSwap.sol b/src/EulerSwap.sol
@@ -3,6 +3,7 @@ pragma solidity ^0.8.27;
 
 import {IEVC} from "evc/interfaces/IEthereumVaultConnector.sol";
 import {IEVault, IERC20, IBorrowing, IERC4626, IRiskManager} from "evk/EVault/IEVault.sol";
+import {Errors as EVKErrors} from "evk/EVault/shared/Errors.sol";
 import {IUniswapV2Callee} from "./interfaces/IUniswapV2Callee.sol";
 import {IEulerSwap} from "./interfaces/IEulerSwap.sol";
 import {IAllowanceTransfer} from "permit2/src/interfaces/IAllowanceTransfer.sol";
@@ -50,6 +51,7 @@ contract EulerSwap is IEulerSwap, EVCUtil {
     error DifferentEVC();
     error AssetsOutOfOrderOrEqual();
     error CurveViolation();
+    error DepositFailure(bytes reason);
 
     modifier nonReentrant() {
         if (status == 0) activate();
@@ -108,16 +110,10 @@ contract EulerSwap is IEulerSwap, EVCUtil {
         // Deposit all available funds, adjust received amounts downward to collect fees
 
         uint256 amount0In = IERC20(asset0).balanceOf(address(this));
-        if (amount0In > 0) {
-            depositAssets(vault0, amount0In);
-            amount0In = amount0In * feeMultiplier / 1e18;
-        }
+        if (amount0In > 0) amount0In = depositAssets(vault0, amount0In) * feeMultiplier / 1e18;
 
         uint256 amount1In = IERC20(asset1).balanceOf(address(this));
-        if (amount1In > 0) {
-            depositAssets(vault1, amount1In);
-            amount1In = amount1In * feeMultiplier / 1e18;
-        }
+        if (amount1In > 0) amount1In = depositAssets(vault1, amount1In) * feeMultiplier / 1e18;
 
         // Verify curve invariant is satisified
 
@@ -199,8 +195,12 @@ contract EulerSwap is IEulerSwap, EVCUtil {
         }
     }
 
-    function depositAssets(address vault, uint256 amount) internal {
-        IEVault(vault).deposit(amount, myAccount);
+    function depositAssets(address vault, uint256 amount) internal returns (uint256) {
+        try IEVault(vault).deposit(amount, myAccount) {}
+        catch (bytes memory reason) {
+            require(bytes4(reason) == EVKErrors.E_ZeroShares.selector, DepositFailure(reason));
+            return 0;
+        }
 
         if (IEVC(evc).isControllerEnabled(myAccount, vault)) {
             IEVC(evc).call(
@@ -211,6 +211,8 @@ contract EulerSwap is IEulerSwap, EVCUtil {
                 IEVC(evc).call(vault, myAccount, 0, abi.encodeCall(IRiskManager.disableController, ()));
             }
         }
+
+        return amount;
     }
 
     function myDebt(address vault) internal view returns (uint256) {
diff --git a/test/DepositFailures.t.sol b/test/DepositFailures.t.sol
@@ -0,0 +1,88 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+pragma solidity ^0.8.24;
+
+import {IEVault, IEulerSwap, EulerSwapTestBase, EulerSwap, TestERC20} from "./EulerSwapTestBase.t.sol";
+import {IRMTestFixed} from "evk-test/mocks/IRMTestFixed.sol";
+import {Errors as EVKErrors} from "evk/EVault/shared/Errors.sol";
+import "evk/EVault/shared/Constants.sol" as EVKConstants;
+
+contract DepositFailuresTest is EulerSwapTestBase {
+    EulerSwap public eulerSwap;
+    address public griefer = makeAddr("griefer");
+
+    function setUp() public virtual override {
+        super.setUp();
+
+        eulerSwap = createEulerSwap(50e18, 50e18, 0, 1e18, 1e18, 0.4e18, 0.85e18);
+    }
+
+    function test_griefing() public monotonicHolderNAV {
+        // Make a borrow to push exchange rate > 1
+
+        eTST2.setInterestRateModel(address(new IRMTestFixed()));
+
+        mintAndDeposit(griefer, eTST, 100e18);
+
+        vm.prank(griefer);
+        evc.enableCollateral(griefer, address(eTST));
+        vm.prank(griefer);
+        evc.enableController(griefer, address(eTST2));
+
+        vm.prank(griefer);
+        eTST2.borrow(1e18, griefer);
+        skip(1);
+
+        // Do a swap
+
+        uint256 amountIn = 1e18;
+        uint256 amountOut =
+            periphery.quoteExactInput(address(eulerSwap), address(assetTST), address(assetTST2), amountIn);
+        assertApproxEqAbs(amountOut, 0.9974e18, 0.0001e18);
+
+        // Honest deposit
+        assetTST.mint(address(this), amountIn);
+        assetTST.transfer(address(eulerSwap), amountIn);
+
+        // Griefer front-runs with 1 wei deposit, which rounds down to 0 shares
+        assetTST2.mint(address(this), 1);
+        assetTST2.transfer(address(eulerSwap), 1);
+
+        // Naive deposit() would fail with E_ZeroShares
+        eulerSwap.swap(0, amountOut, address(this), "");
+
+        assertEq(assetTST2.balanceOf(address(this)), amountOut);
+
+        assertEq(assetTST2.balanceOf(address(eulerSwap)), 1); // griefing transfer was untouched
+    }
+
+    function test_depositFailure() public monotonicHolderNAV {
+        // Do a swap
+
+        uint256 amountIn = 1e18;
+        uint256 amountOut =
+            periphery.quoteExactInput(address(eulerSwap), address(assetTST), address(assetTST2), amountIn);
+        assertApproxEqAbs(amountOut, 0.9974e18, 0.0001e18);
+
+        // Honest deposit
+        assetTST.mint(address(this), amountIn);
+        assetTST.transfer(address(eulerSwap), amountIn);
+
+        // Griefer front-runs with 1 wei deposit, which rounds down to 0 shares
+        assetTST2.mint(address(this), 1);
+        assetTST2.transfer(address(eulerSwap), 1);
+
+        // Force deposits to fail
+        eTST2.setHookConfig(address(0), EVKConstants.OP_DEPOSIT);
+
+        vm.expectRevert(
+            abi.encodeWithSelector(
+                EulerSwap.DepositFailure.selector, abi.encodeWithSelector(EVKErrors.E_OperationDisabled.selector)
+            )
+        );
+        eulerSwap.swap(0, amountOut, address(this), "");
+
+        assertEq(assetTST2.balanceOf(address(this)), 0);
+
+        assertEq(assetTST2.balanceOf(address(eulerSwap)), 1); // griefing transfer was untouched
+    }
+}
