case study | February 25, 2024

Tapioca – Key threat based security review during the contest

Paweł Kuryłowicz

Managing Partner & Smart Contract Security Auditor

We spent several days identifying and verifying selected threats during the Tapioca contest. 4 high severity findings were confirmed.

Basic information

Project type: Omnichain Money Market

Service: Key threat based audit (contest on Sherlock).

Results: We have identified 4 HIGH severity issues related to the integration with LayerZero V2. Removing the vulnerabilities increased user security and prevented stealing their tokens on any chain.

About Tapioca

TapiocaDAO is a decentralized platform offering an omnichain money market that enables users to mint, borrow, lend, and leverage assets across multiple blockchain networks.

Its core products include Singularity, an isolated risk borrowing and lending market, and Yieldbox, a permissionless token vault. The platform also introduces USDO, a decentralized over-collateralized stablecoin, and utilizes the TAP token as the backbone of its token economy.

Visit website: https://www.tapioca.xyz/

About the service scope

This particular iteration was driven mostly by Tapioca's integration with the new V2 version of LayerZero. The subjects of the test were selected contracts from two Tapioca repositories (Tapioca-bar and TapiocaZ), published in Sherlock’s repository.

GitHub repository: https://github.com/sherlock-audit/2024-02-tapioca/

CommitID: dc2464f420927409a67763de6ec60fe5c028ab0e

Before the contest on Sherlock, Tapioca had already hired a couple of auditors and companies for a security review, including:

  • Certora
  • Code4rena
  • Pashov Auditing Group + 0xWeiss and Nisedo
  • Spearbit

WARNING: Even multiple audits do not provide a 100% guarantee of eliminating all vulnerabilities. Many of these companies have excellent specialists.

We had already researched the security of LayerZero V1, identified the threats, and prepared a security checklist for projects integrating with LayerZero V1. Therefore, we decided to spend one week exploring the security threats arising from the newer version.

Initial challenges and constraints:

  • The smart contracts had complex cross-chain business logic.
  • Devoted time was limited for such a large scope (4,884 nSLOC).

Defined objectives:

  • Identify key threats related to LayerZero V2 cross-chain integration.

Identified threats

We focused only on the integration with LayerZero V2 to learn the differences from V1 and leverage our expertise. As with every smart contract security review, thorough threat modeling was performed.

We also used diagrams to visualize the flow of LayerZero messages transferred cross-chain.

The results allowed us to select the most important attack vectors that need to be verified.

The following attacker goals were identified as the most important:

  • Theft of the Omnichain tokens (with the focus on USDO).
  • Lock of Omnichain tokens.
  • Denial of Service of the protocol (block of the cross-chain channel).
  • Impersonation of market makers (Tapioca’s users).

Threat scenarios that might allow an attacker to achieve these goals and compromise security:

  • Unauthorized direct call to modules (via USDO)
  • Unauthorized cross-chain call to modules via LZ messages
  • Malicious nested compose messages in LZ messages
  • Impersonating the caller via sendPacket function
  • Block of LZ channel via Out of Gas errors
  • Arbitrary external call to LZ functions (e.g. sendCompose)

Threat based security review results

A time-boxed security review outlined 6 potential threats, of which 4 were confirmed to exist within the project, particularly in aspects related to the integration with LayerZero V2.

Key findings:

The time-boxed security review of the smart contracts revealed vulnerabilities in direct calls to modules, a notable point given Tapioca’s modular design. One intriguing finding was a function that, while appearing to be a legitimate feature, was actually being exploited to circumvent authorization protocols.

The advent of LayerZero V2 introduces enhanced capabilities for applications built upon it, but as always: with great power comes great responsibility. Embracing the advanced features of LayerZero V2 necessitates a heightened commitment to security and diligence.

Contest results

By devoting only a week and focusing fully on the integration with LayerZero V2, we took 7th place among other great specialists.
