April 6th 2023

Owner: @0xBill.arb

Shared with: Max+ | Overnight.fi and alter+ | Overnight.fi

Status: Review

Published: April 12th 2023

Executive Summary

Impact: Risking losing deployer's hot private key would break Auragi completely.

Root cause: @0xBill.arb added setFee to tailor trading fee for our partner protocols.

function setFee(uint value) external {
    require(msg.sender == factory, "!factory");
    require(value >= MAX_FEE, "max");
    swapFee = value;
    emit FeesChanged(value);
}

Instead of:

function setFee(uint value) external {
    require(msg.sender == factory, "!factory");
    require(value <= MAX_FEE, "max");
    swapFee = value;
    emit FeesChanged(value);
}

In case that deployer's hot private key is compromised, the attacker can setFee to 100% so no one would swap on Auragi. This is a fatal risk!

Problem Summary

Duration of problem: 5 hours

Product(s) affected: PairFactory smart contract

User impact: None

Revenue impact: None

Detection: alter+ | Overnight.fi found the issue due to code due diligence before providing liquidity on Auragi:

Resolution:

Step 1: Deploy a Self Destruct smart contract to be FeeManager.

Step 2: Deployer setFeeManager to the Self Destruct smart contract.

Step 3: Call acceptPermission on the Self Destruct smart contract.

Impact: No longer able to setFee for protocols if requested.

User impact: The trading fees are always: 0.01% for stable pools and 0.05% for volatile pools. Trading fees will never change.

Revenue impact: None

Lessons Learned

Things that went well

• Overnight.fi team identified a critical risk for us.

• Auragi team quickly fixed the issue with self destruct smart contract.

Things that went poorly

• Our unit-tests did not cover this case.

• Our Testnet also did not test setFee.

Where we got lucky

• Our deployer private key is a hot key so discovering and fixing this issue early is very lucky for us. If compromised, it would have been fatal for Auragi.

Action Items