You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The Fungible Vault Token implements the ERC-4626 tokenized vault standard, enabling fungible tokens to represent shares in an underlying asset pool. This module allows users to deposit underlying assets in exchange for vault shares, and later redeem those shares for the underlying assets. The vault maintains a dynamic conversion rate between shares and assets based on the total supply of shares and total assets held by the vault contract.
7
+
The Fungible Vault Token implements the ERC-4626 tokenized vault standard,
8
+
enabling fungible tokens to represent shares in an underlying asset pool. The tokenized vault standard
9
+
is the formalized interface for yield-bearing vaults that hold underlying assets. Vault shares enable
10
+
hyperfungible collaterals in DeFi.
11
+
12
+
This module allows users to deposit underlying assets in exchange for vault shares, and later redeem
13
+
those shares for the underlying assets. The vault maintains a dynamic conversion rate between shares and
14
+
assets based on the total supply of shares and total assets held by the vault contract.
8
15
9
16
## Overview
10
17
@@ -96,11 +103,13 @@ If a higher offset is required, a custom version of `set_decimals_offset()` must
96
103
### Inflation (Precision) Attacks
97
104
98
105
The virtual decimals offset helps protect against inflation attacks where an attacker:
99
-
1. Deposits 1 wei to get the first share
100
-
2. Donates a large amount directly to the vault
101
-
3. Causes subsequent depositors to receive 0 shares due to rounding
106
+
1. Deposits 1 stroop to get the first share (becoming the sole shareholder)
107
+
2.**Donates** (not deposits) an enormous amount of assets directly to the vault contract via a direct transfer, without receiving any shares in return. This inflates the vault's total assets while keeping total shares at 1, making that single share worth an enormous amount
108
+
3. When a legitimate user tries to deposit a normal amount (e.g., 1000 stroops), the share calculation rounds down to 0 shares because their deposit is negligible compared to the inflated vault balance. The user loses their deposit while receiving nothing
109
+
110
+
For example: If the attacker donates 1,000,000 stroops after their initial 1 stroop deposit, the vault has 1,000,001 total assets and 1 total share. A user depositing 1000 stroops would receive `(1000 × 1) / 1,000,001 = 0.000999` shares, which rounds down to 0.
102
111
103
-
The offset adds virtual shares and assets to the conversion formula, making such attacks economically infeasible.
112
+
The offset adds virtual shares and assets to the conversion formula, making such attacks economically infeasible by ensuring the denominator is never so small that legitimate deposits round to zero.
0 commit comments