PWN is a platform for peer-to-peer lending and borrowing of ERC-20 tokens with any token as collateral. Loans may be opened with different types to define the relationship between the amounts of borrowed credit and collateral.
PWN engaged Ackee Blockchain Security for a total of three audits in November and December of 2024. The audit highlights include:
- A total of 13 findings, including two criticals.
- Both critical vulnerabilities were found in already-deployed code, meaning all deposited ERC-20 assets were at risk.
- These were missed by two previous audits of PWN before Ackee Blockchain Security’s review.
- Both criticals were discovered using Wake’s static analysis and fuzz testing tools.
METHODOLOGY
We began our review by preparing manually-guided differential forking fuzz tests in the Wake testing framework to verify the protocol implementation, and its integration with external dependencies, including the Chainlink and Aave protocols.
Our second review started with updating the fuzz test created in the first review. We then proceeded by running Wake static analysis detectors and performing a manual code review of the code changes. During the manual review, we specifically focused on the correct integration with Chainlink and the rest of the codebase.
SCOPE
The audit was performed on the commit 7ea4dein the PWN Protocol repository and commit 17db9b in the PWN Periphery repository.
The scope of the first audit included:
- The entire
srcdirectory of the PWN Protocol repository, excludingsrc/Deployments.soland - The
src/pool-adapterdirectory in the PWN Periphery repository.
Revision 2.0 was performed on the commit bbe7d9in the PWN Protocol repository, and the audit focused on the changes made to the codebase since the first review.
Revision 2.1 involved reviewing a fix of one finding discovered in the second revision, and the incomplete fix of a critical issue from the first review. The review was conducted on the commit 6f390c.
FINDINGS
The classification of a security finding is determined by two ratings: impact and likelihood. This two-dimensional classification helps clarify the severity of individual issues. Issues which would be rated as medium severity, but which would be likely discovered only by the team, are typically decreased by the likelihood factor to the warning or informational severity ratings.
The Wake testing framework helped us discover five findings, including one critical issue. The full source code of all fuzz tests is available here.
Wake’s static analysis detectors then identified two other issues, one of which was critical. During manual review, we focused on whether:
- External calls to untrusted contracts cannot be abused for reentrancy attacks;
- Contracts are resistant to signature replay attacks;
- Token arithmetics inside the protocol match the documentation and our expectations; and
- Integration with external dependencies is correctly implemented.
Our second review resulted in one medium-severity finding, which prevented the use of elastic Chainlink loan proposals due to an incorrect implementation of EIP-712 data encoding. The full source code of the updated fuzz test is available here.
The five remaining findings were rated as warnings and informational.
Critical severity
C1: Loan refinancing reentrancy
C2: Incorrect optimization in loan refinancing
High severity
No high severity issues were found.
Medium severity
M1: Chainlink common denominator bad logic
M2: Outdated/reverting Chainlink feed causes DoS
M3: Non-upgradable base contracts
M4: Incorrect EIP-712 typehash
M5: Incorrect EIP-712 data encoding
Low severity
L1: Decimal detection may lead to unexpected reverts
Warning severity
W1: Older versions of Aave and Compound not supported
W2: creditPerCollateralUnit division by zero
W3: checkTransfer sender and receiver collision
Informational severity
I1: revokeNonces nonce space can be cached
I2: LoanDefaulted(uint40) error parameter not named
CONCLUSION
Ackee Blockchain Security’s audit of PWN led to a total of 13 findings ranging in severity from informational to critical.
The most severe findings, C1 and C2, posed the risk of all ERC-20 tokens deposited in the protocol being stolen. Both critical vulnerabilities were discovered as present in already-deployed PWN contracts on several major chains, including Ethereum mainnet, Polygon, Arbitrum, and Optimism. The code that contained both critical vulnerabilities had already been audited by two independent companies (not Ackee Blockchain Security).
As soon as the findings were discovered, we initiated an immediate responsible disclosure to PWN. Thanks to prompt engagement, all assets were protected and vulnerabilities mitigated.
Ackee Blockchain Security recommends PWN to:
- Implement static analysis tools like Wake to detect potential attack vectors;
- Apply reentrancy guards on all public functions that perform external calls to untrusted contracts;
- Ensure all Chainlink-like feed registry contracts maintained by PWN provide necessary price feeds and comply with expected behavior;
- Exercise caution during contract upgrades regarding storage layout;
- Only deploy the updated PWNConfig contract with a new proxy to avoid issues caused by storage layout changes;
- Reconsider applying reentrancy guards on all public functions that perform external calls to untrusted contracts;
- Be cautious when implementing EIPs to ensure full compatibility with the standard; and
- Address all reported issues.
Ackee Blockchain Security’s full PWN audit report can be found here.
We were delighted to audit PWN and look forward to working with them again.
