#42553 [SC-Medium] Sandwich attack on `MoneyBrinter_compound` allows extracting rewards intended for LPs
Was this helpful?
Was this helpful?
Submitted on Mar 24th 2025 at 16:06:04 UTC by @OldDingo56530 for
Report ID: #42553
Report Type: Smart Contract
Report severity: Medium
Target: https://github.com/immunefi-team/audit-comp-yeet/blob/main/src/contracts/MoneyBrinter.sol
Impacts:
Theft of unclaimed yield
The MoneyBrinter::compound
function is vulnerable to a sandwich attack that allows an attacker to extract rewards intended for legitimate liquidity providers (LPs).
An attacker can monitor the mempool for compound
calls, front-run with a maximal deposit to capture a majority of the share supply, wait for compound
to execute, then back-run with an immediate withdrawal to extract the share's inflated value. This attack is atomic within one block and remains profitable as long as the extracted value exceeds the withdrawal fee.
With a sufficient liquidity and infrequent compound
calls, a significant amount of rewards will accumulate, making this attack even more lucrative for the attacker.
One solution could be:
Disallow deposits in the same block as the compound
call to prevent front-running
This mitigation prevents the attacker from front-running the compound
call with a deposit in the same block. By ensuring that deposits and the compound
function cannot be executed in the same block, the attacker is unable to predict and front-run the compound
call, rendering the sandwich attack infeasible.
Attacker monitors the mempool for upcoming calls to MoneyBrinter::compound
by the manager.
Attacker front-runs the compound
call with a maximal deposit to gain a majority share of the MoneyBrinter
LP token supply.
The sandwiched compound
call executes, depositing previously harvested rewards from harvestKodiakRewards
and harvestBeradromeRewards
, which increases the underlying share value.
Attacker back-runs the compound
call with an immediate withdrawal of their inflated shares, extracting the harvested rewards (minus the 4% fees).
Attacker repeats this attack on all future worth compound
calls.