Omniscia vfat Audit
FlashloanLib Manual Review Findings
FlashloanLib Manual Review Findings
FLI-01M: Inexistent Validation of Flash-Loan Validity
| Type | Severity | Location |
|---|---|---|
| Logical Fault |  | FlashloanLib.sol: • I-1: L51, L52 • I-2: L120, L121 |
Description:
The FlashloanStrategy permits multiple flash-loan types as well as multi-collateral flash-loans to be executed, however, the FlashloanLib contract that is delegated-to by Sickles solely supports a single-asset flash-loan.
Impact:
The FlashloanLib while incompatible with multi-collateral flash-loans does not denote this so during its validation, causing a flash-loan repayment error to be yielded for the top-level transaction that would be identical to the contract failing for miscalculating the flash-loan repayment amounts.
Example:
46/// @notice Callback function for flashloan_deposit()47/// Optionally swaps the flashloan for the collateral asset,48/// supplies the loaned amount,49/// borrows from the debt market (plus fee) to repay the flashloan50function flashloanDepositCallback(51 address[] calldata assets,52 uint256[] calldata amounts,53 uint256[] calldata premiums,54 bytes calldata extraData55) external {56 if (msg.sender != address(flashloanStrategy)) {57 revert FlashloanStrategy.NotFlashloanStrategy();58 }59
60 Sickle sickle = Sickle(payable(address(this)));61
62 // handling uniV2/uniV3 flashloans where token1 in the Pair is the one63 // being borrowed and flashloaned asset appears at index 1 of function64 // parameters65 uint256 assetIndex = amounts[0] > 0 ? 0 : 1;66
67 FlashloanedAsset memory flashloanedAsset = FlashloanedAsset({68 contractAddress: assets[assetIndex],69 flashloanedAmount: amounts[assetIndex],70 premium: premiums[assetIndex]71 });Recommendation:
We advise the code to ensure that the input assets length is either 1 or 2, with the latter case also validating that either of the amounts is 0.
Alleviation (6ab7af3bb495b817ffec469255ea679b1813eecb):
The code was updated to impose validation on the flash loan payloads, ensuring that the maximum number of assets that can be set is 2 and guaranteeing that only a single asset has been defined in the equality case of 2.