Leech is a cross-chain protocol enabling multichain yield farming via the Stargate bridge; it aggregates yield strategies behind a single user interface for managing them.

METHODOLOGY

We began our review using static analysis tools, including Wake. We then took a deep dive into the logic of the contracts. After writing simple unit tests, we prepared a manually-guided differential forking fuzz test to verify protocol implementation and integration with external dependencies, including Velodrome V2 and Velodrome V3.

SCOPE

The audit was performed on the Velodrome V2 and Velodrome V3 strategies at commit ba2a75. The scope was the following:

  • contracts/core/LeechRouter.sol
  • contracts/core/LeechSwapper.sol
  • contracts/core/BanList.sol
  • contracts/core/rewarder/Rewarder.sol
  • contracts/strategies/BaseStrategy.sol
  • contracts/strategies/farming/Velodrome/StrategyVelodromeV2StableFarm.sol
  • contracts/strategies/farming/Velodrome/StrategyVelodromeV2StableCHIDAIFarm.sol
  • contracts/strategies/farming/VelodromeV3/StrategyVelodromeV3StableFarm.sol
  • contracts/strategies/farming/VelodromeV3/StrategyVelodromeV3_USDC_LUSD.sol
  • contracts/strategies/farming/VelodromeV3/StrategyVelodromeV3_USDC_SDAI.sol
  • contracts/strategies/farming/VelodromeV3/StrategyVelodromeV3_USDC_SUSD.sol


The second revision was conducted on commit caafd3, which included the fix of C1. The third revision was then conducted on commit 4245d0, reviewing the fix of H1.

FINDINGS

The classification of a security finding is determined by two ratings: impact and likelihood. This two-dimensional classification helps clarify the severity of individual issues. Issues that would otherwise be rated medium severity, but that would likely be discovered only by the team, are typically lowered by the likelihood factor to the warning or informational severity ratings.

The audit resulted in 32 total findings ranging from informational to critical severity. 12 were identified using Wake's static analysis. The detailed outputs from Wake (including code snippets) are available in the full audit summary.

During manual review, we checked whether:

  • External calls to untrusted contracts cannot be abused for reentrancy;
  • Cross-chain interaction is correctly implemented;
  • The arithmetic of internal accounting is correct;
  • Access controls are neither too relaxed nor too strict;
  • Token arithmetic inside the protocol matches the documentation and expectations;
  • The integration with external dependencies is correctly implemented; and
  • There are any common issues such as insufficient data validation.

The most severe finding C1 posed a risk of loss of all funds transferred cross-chain to the LeechRouter due to the non-atomicity of cross-chain transactions executed by the protocol. This critical vulnerability was discovered in already-deployed Leech protocol contracts on several chains, including Optimism and Binance Smart Chain.

Ackee Blockchain Security initiated an immediate responsible disclosure to Leech as soon as the findings were discovered. Thanks to prompt engagement, all assets were protected by pausing cross-chain transactions.

Critical severity

C1: Lack of atomicity in cross-chain transactions

High severity

H1: Donation attack
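H1 names a general class of share-accounting issue, and W2 (below) names the token-balance check that usually enables it. The following is an added illustration of that general pattern and is not Leech's code (the audited contracts and the actual finding details are in the full report); the minimal IERC20 interface, the contract names and the variable names are assumed. The "before" vault prices shares from the raw token balance, which a direct token transfer ("donation") can inflate until a later deposit rounds down to zero shares; the "after" vault keeps internal accounting and adds virtual share/asset offsets in the style of OpenZeppelin's ERC4626.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical minimal ERC20 subset, assumed for this illustration.
interface IERC20 {
    function balanceOf(address) external view returns (uint256);
    function transferFrom(address, address, uint256) external returns (bool);
}

// Vulnerable pattern (illustrative, not Leech's code): shares are priced
// from balanceOf(address(this)), so tokens sent directly to the contract
// raise the share price without minting shares.
//   1. attacker deposits 1 wei and receives 1 share
//   2. attacker transfers 1e18 tokens directly to the vault
//   3. victim deposits 1e18: minted = 1e18 * 1 / (1e18 + 1) = 0 shares
contract VaultBefore {
    IERC20 public immutable asset;
    uint256 public totalShares;
    mapping(address => uint256) public shares;

    constructor(IERC20 a) { asset = a; }

    function deposit(uint256 amount) external returns (uint256 minted) {
        uint256 assetsBefore = asset.balanceOf(address(this)); // donation-inflatable
        minted = totalShares == 0 ? amount : amount * totalShares / assetsBefore;
        asset.transferFrom(msg.sender, address(this), amount);
        totalShares += minted;           // minted may be 0: depositor loses funds
        shares[msg.sender] += minted;
    }
}

// Hardened pattern: assets are tracked internally (a donation is simply not
// counted) and virtual offsets keep the share price bounded, so a deposit
// cannot round to zero shares and a minted amount of zero is rejected.
contract VaultAfter {
    IERC20 public immutable asset;
    uint256 public totalShares;
    uint256 public totalAssets;      // internal accounting, never balanceOf
    mapping(address => uint256) public shares;

    uint256 private constant VIRTUAL_SHARES = 1e6; // assumed decimals offset
    uint256 private constant VIRTUAL_ASSETS = 1;

    constructor(IERC20 a) { asset = a; }

    function previewDeposit(uint256 amount) public view returns (uint256) {
        return amount * (totalShares + VIRTUAL_SHARES) / (totalAssets + VIRTUAL_ASSETS);
    }

    function deposit(uint256 amount) external returns (uint256 minted) {
        minted = previewDeposit(amount);
        require(minted > 0, "zero shares");
        require(asset.transferFrom(msg.sender, address(this), amount), "transfer failed");
        totalAssets += amount;
        totalShares += minted;
        shares[msg.sender] += minted;
    }
}
```

Internal accounting removes the donation lever entirely; the virtual offsets additionally keep rounding in the depositor's favour when the share price legitimately rises (for example after a harvest increases totalAssets). Any tokens that do arrive by direct transfer are then an explicit governance decision (sweep or ignore) rather than an input to share pricing.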

Medium severity

M1: data.swapperAddress is not checked in the withdraw function

M2: Initialization function vulnerable to frontrunning
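M2 names a well-known deployment hazard: when a proxy is deployed in one transaction and its initializer called in a later one, anyone watching the mempool can call the initializer first and become owner. The following is an added illustration of the general pattern and its two standard mitigations, not Leech's code; the contract, function and variable names are assumed. The implementation locks itself in its constructor so it can never be initialized directly, and the proxy runs the initializer inside its own constructor so deployment and initialization are one atomic transaction.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Before (illustrative): a freshly deployed implementation or proxy sits
// uninitialized until a separate initialize() transaction is mined.
contract StrategyBefore {
    address public owner;
    bool private initialized;

    function initialize(address _owner) external {
        require(!initialized, "already initialized");
        initialized = true;
        owner = _owner;               // first caller wins
    }
}

// After: the implementation marks itself initialized in its constructor
// (same effect as OpenZeppelin's _disableInitializers), so only a proxy's
// storage, which starts empty, can ever pass the guard.
contract StrategyAfter {
    address public owner;
    bool private initialized;

    constructor() { initialized = true; }

    function initialize(address _owner) external {
        require(!initialized, "already initialized");
        initialized = true;
        owner = _owner;
    }
}

// Minimal delegating proxy (assumed helper, same idea as ERC1967Proxy's
// constructor): the initializer calldata runs in the deployment transaction.
contract AtomicProxy {
    address public immutable impl;

    constructor(address _impl, bytes memory initData) {
        impl = _impl;
        (bool ok, ) = _impl.delegatecall(initData);
        require(ok, "init failed");
    }

    fallback() external payable {
        address i = impl;
        assembly {
            calldatacopy(0, 0, calldatasize())
            let r := delegatecall(gas(), i, 0, calldatasize(), 0, 0)
            returndatacopy(0, 0, returndatasize())
            switch r
            case 0 { revert(0, returndatasize()) }
            default { return(0, returndatasize()) }
        }
    }
}

// Deployment entry point: implementation, proxy and initialization happen
// in a single transaction, leaving no window for a third party.
contract StrategyFactory {
    event Deployed(address proxy);

    function deploy(address owner_) external returns (address proxy) {
        address impl = address(new StrategyAfter());
        bytes memory initData = abi.encodeCall(StrategyAfter.initialize, (owner_));
        proxy = address(new AtomicProxy(impl, initData));
        emit Deployed(proxy);
    }
}
```

A deployment script that calls `StrategyFactory.deploy` (or passes the encoded initializer to ERC1967Proxy's constructor) gives the same guarantee; what matters is that no block is mined between contract creation and initialization.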

M3: The strategy.poolShare attribute is not checked properly

Low severity

L1: No error reported if no bridge configured

L2: Pool configuration data can be overwritten

L3: Oracle price feed data validation missing

L4: External interaction with Chainlink is not handled appropriately
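L3 and L4 both concern how a consumer of Chainlink price data validates what the feed returns and how it handles the external call itself. The following is an added illustration of the general validation pattern, not Leech's code; it uses the real `AggregatorV3Interface.latestRoundData` signature, while the contract names, error names and the `maxStaleness` parameter are assumed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Subset of Chainlink's AggregatorV3Interface (real signature).
interface AggregatorV3Interface {
    function decimals() external view returns (uint8);
    function latestRoundData()
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

// Before (illustrative): the answer is consumed as-is. A zero or negative
// answer, a stale round, or a reverting feed flows straight into accounting.
contract PriceBefore {
    function price(AggregatorV3Interface feed) external view returns (uint256) {
        (, int256 answer, , , ) = feed.latestRoundData();
        return uint256(answer);
    }
}

// After: each field is checked and the external call is wrapped so a
// misbehaving feed produces a specific error instead of a bad number.
contract PriceAfter {
    error StalePrice(uint256 updatedAt);
    error InvalidPrice(int256 answer);
    error IncompleteRound(uint80 roundId, uint80 answeredInRound);
    error FeedCallFailed();

    // Assumed parameter: should be derived from the feed's documented heartbeat.
    uint256 public immutable maxStaleness;

    constructor(uint256 _maxStaleness) { maxStaleness = _maxStaleness; }

    function price(AggregatorV3Interface feed) external view returns (uint256) {
        try feed.latestRoundData() returns (
            uint80 roundId, int256 answer, uint256, uint256 updatedAt, uint80 answeredInRound
        ) {
            if (answer <= 0) revert InvalidPrice(answer);
            if (updatedAt == 0 || block.timestamp - updatedAt > maxStaleness) revert StalePrice(updatedAt);
            if (answeredInRound < roundId) revert IncompleteRound(roundId, answeredInRound);
            return uint256(answer);
        } catch {
            revert FeedCallFailed();
        }
    }
}
```

The staleness bound must be set per feed from its heartbeat, the `answeredInRound` check is a legacy safeguard that newer feeds keep satisfied, and on an L2 such as Optimism a consumer normally also consults Chainlink's sequencer uptime feed before trusting a price.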

L5: Two-step ownership is not used

Warning severity

W1: Using transfer instead of call

W2: Direct token balance checks using balanceOf(address(this)) present a security risk

W3: Getter of pools does not return all members of a complex structure

W4: Unnecessary token swaps in withdrawal process

W5: Epoch time range overlap in reward distribution

W6: Account abstraction users cannot receive unused funds back

W7: Missing storage gaps

Informational severity

I1: console.log statements present in production code

I2: Unused custom error declarations

I3: Unused event declarations

I4: Autocompound function lacks access control

I5: Unused contract functions

I6: Unused imports

I7: Unused modifiers

I8: Unused using-for directives

I9: Inconsistent msg.sender role validation in pause functions

I10: The initializePosition function in Velodrome V3 strategies should be external

I11: Unused function parameters

I12: Inconsistent parameter naming in setRoutes functions across Velodrome strategies

I13: Unused multichain integration code present in codebase

I14: Unused interface and library

I15: Incorrect event name in NatSpec documentation

TRUST MODEL

Users had to trust:

  • The protocol finalizer, an off-chain component responsible for finalizing cross-chain transactions and having withdrawal privileges for all protocol funds.

CONCLUSION

The most severe finding C1 posed a risk of loss of all funds transferred cross-chain to the LeechRouter due to the non-atomicity of cross-chain transactions executed by the protocol. This critical vulnerability was discovered in already-deployed Leech protocol contracts on several chains, including Optimism and Binance Smart Chain.

Ackee Blockchain Security initiated an immediate responsible disclosure to Leech as soon as the findings were discovered. Thanks to prompt engagement, all assets were protected by pausing cross-chain transactions. The C1 vulnerability was fixed and the finalizer removed.

We would also like to thank Optimism’s Subsidized Audit Grants V2 program for funding Leech’s audit. Without the support from Optimism, these vulnerabilities could have gone unnoticed.

Ackee Blockchain Security recommends that Leech:

  • Reconsider the design of cross-chain transactions in the protocol;
  • Ensure all Chainlink feed registry contracts maintained by Leech provide up-to-date price feeds and comply with expected behavior; and
  • Address all other reported issues.

Ackee Blockchain Security’s full Leech audit report can be found here.

We were delighted to audit Leech and look forward to working with them again.