Background
Our current implementation of `JoinPoolNoSwap` only checks for whether the input set of tokens includes the tokens in the pool, but does not have any check that prevents someone from putting in an arbitrary number of arbitrary tokens. Since this is a no-swap/all-asset join, there are no other immediate checks so an invalid input can make it directly to the state-changing `JoinPool` function.
osmosis/x/gamm/keeper/pool_service.go, line 180 in add306e
An example of how this could potentially be exploited for the OSMO/USDC pool (1 OSMO = 1 USDC):
`JoinPoolNoSwap` tx and send in a set of [1 OSMO, 1 USDC, 1 FOO] as your input
osmosis/x/gamm/keeper/pool_service.go, line 203 in add306e
Suggested Design
Add `&& tokenInMaxs.DenomSubsetOf(neededLpLiquidity)` to x/gamm/keeper/pool_service.go/L203 so that input tokens for a no-swap pool join don’t include denoms that aren’t in the pool:
osmosis/x/gamm/keeper/pool_service.go, line 203 in add306e
Acceptance Criteria
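The check proposed in the issue above, as an added example that is not code from the Osmosis repository: the one-directional test the issue describes next to the two-directional one. `Coin`, `coversNeeded` and `validNoSwapInput` are hypothetical stand-ins for the SDK coin type and the keeper logic, and the inputs are constructed from the issue's OSMO/USDC/FOO case.

```go
package main

import "fmt"

// Coin is a simplified stand-in for the SDK coin type (assumption: int64
// amounts, no sorting or validation).
type Coin struct {
	Denom  string
	Amount int64
}

// denomSubsetOf reports whether every denom in a also appears in b.
func denomSubsetOf(a, b []Coin) bool {
	seen := make(map[string]bool, len(b))
	for _, c := range b {
		seen[c.Denom] = true
	}
	for _, c := range a {
		if !seen[c.Denom] {
			return false
		}
	}
	return true
}

// coversNeeded is the one-directional check: the input must hold at least the
// needed amount of every pool denom. Extra denoms pass unnoticed.
func coversNeeded(tokenInMaxs, needed []Coin) bool {
	have := make(map[string]int64, len(tokenInMaxs))
	for _, c := range tokenInMaxs {
		have[c.Denom] += c.Amount
	}
	for _, n := range needed {
		if have[n.Denom] < n.Amount {
			return false
		}
	}
	return true
}

// validNoSwapInput adds the reverse check: no input denom outside the pool.
func validNoSwapInput(tokenInMaxs, needed []Coin) bool {
	return coversNeeded(tokenInMaxs, needed) && denomSubsetOf(tokenInMaxs, needed)
}

func main() {
	needed := []Coin{{"OSMO", 1}, {"USDC", 1}}             // constructed pool liquidity
	input := []Coin{{"OSMO", 1}, {"USDC", 1}, {"FOO", 1}} // constructed input with a stray denom
	fmt.Println(coversNeeded(input, needed), validNoSwapInput(input, needed))
}
```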