
About vaults for concentrated liquidity protocols.

So, while we do not know the exact exploit that happened on @GammaStrategies, we want to share an attack vector which applies to many vaults.

The TLDR is to *never* allow users to trigger deposits, as this can get exploited if the liquidity ranges are based on the currentTick.

How is that possible?

1. Add liquidity to a range which is very far away, such that tokenX is very valuable.

2. Swap the pool to this range such that the price of X is very high.

3. Trigger a deposit of the vault's assets (this can even be a compound tx). As the vault takes the currentTick and spreads the liquidity around it (say ±10 on either side), tokenX and tokenY are added to that range.

4. Since tokenY is added to the left side of currentTick, the attacker can now swap tokenX for tokenY, abusing the very high price of tokenX, such that 1 tokenX results in 1000 tokenY.

5. The attacker has now successfully drained one side of the reserves from the deposit.
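To put a number on the vault's exposure, the following added example (not code from any vault or from the original post) models a range centred on currentTick with the standard concentrated-liquidity amount formulas and measures how much of the deposited value is gone once the pool price returns to its fair level. The vault behaviour, balances and tick values are constructed assumptions, and swap fees are ignored.

```python
import math

TICK_BASE = 1.0001  # Uniswap-v3-style convention: price (Y per X) = 1.0001**tick

def sqrt_price(tick):
    return math.sqrt(TICK_BASE ** tick)

def position_amounts(liq, lo, hi, tick_now):
    """(x, y) held by a position with liquidity `liq` on [lo, hi] at tick_now."""
    sa, sb = sqrt_price(lo), sqrt_price(hi)
    s = min(max(sqrt_price(tick_now), sa), sb)  # outside the range it is one-sided
    return liq * (1 / s - 1 / sb), liq * (s - sa)

def vault_deposit(current_tick, half_width, x_bal, y_bal):
    """Hypothetical vault: centres its range on currentTick and adds as much
    liquidity as its idle balances allow. Returns (liq, lo, hi)."""
    lo, hi = current_tick - half_width, current_tick + half_width
    x_per_liq, y_per_liq = position_amounts(1.0, lo, hi, current_tick)
    return min(x_bal / x_per_liq, y_bal / y_per_liq), lo, hi

def loss_after_reversion(deposit_tick, fair_tick, half_width=10,
                         x_bal=100.0, y_bal=100.0):
    """Share of the deposited value (in tokenY at the fair price) that is gone
    once the pool price has moved from deposit_tick back to fair_tick."""
    fair_price = TICK_BASE ** fair_tick
    liq, lo, hi = vault_deposit(deposit_tick, half_width, x_bal, y_bal)
    x_in, y_in = position_amounts(liq, lo, hi, deposit_tick)
    x_out, y_out = position_amounts(liq, lo, hi, fair_tick)
    return 1 - (x_out * fair_price + y_out) / (x_in * fair_price + y_in)

if __name__ == "__main__":
    # Constructed numbers: fair price 1 Y per X (tick 0), 100 X + 100 Y idle.
    for tick in (0, 1000, 69081):  # 69081 is roughly a 1000x price
        print(tick, round(loss_after_reversion(tick, 0), 4))
```

The loss grows with the distance between the tick used for the deposit and the fair tick, which is why a range derived from a user-influenced currentTick is the root problem.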


We saw a snippet of the code, posted by @officer_cia, which might indicate that the attacker got the full shares and then stole a part of his own deposit, which decreases the overall vault value including his own shares, but results in a net profit when the attacker's shares are withdrawn. However, this is just our idea based on the 2 minutes we spent on this screenshot. It might be something else, but our strong guess is that it's connected to the root issue above.