From a0a9d9d56e0616e01d0c6a5b67f1a4315b4eb1c7 Mon Sep 17 00:00:00 2001 From: BlackChar92 Date: Tue, 30 Jun 2026 16:11:13 +0800 Subject: [PATCH] docs(trc-4626): restore Security Considerations notes agreed in #840 Adds the share-inflation/donation mitigation and decimal-basis notes that the #840 Last Call summary said would be folded in but never landed in tip-4626.md. Non-normative: Security Considerations text only; no interface/event/behavior change. --- tip-4626.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tip-4626.md b/tip-4626.md index cb134e0..2dcfeaa 100644 --- a/tip-4626.md +++ b/tip-4626.md @@ -606,6 +606,10 @@ The only functions where the preferred rounding direction would be ambiguous are Although the `convertTo` functions should eliminate the need for any use of an TIP-4626 Vault's `decimals` variable, it is still strongly recommended to mirror the underlying token's `decimals` if at all possible, to eliminate possible sources of confusion and simplify integration across front-ends and for other off-chain users. +**Share-inflation / first-depositor (donation) attack.** When a Vault is empty or nearly empty, an attacker can mint a tiny number of shares and then transfer assets directly into the Vault, inflating the share price so that subsequent depositors' deposits round down to zero shares and are absorbed by the attacker. The rounding rules above do not by themselves prevent this. Implementations SHOULD mitigate it — for example via the virtual shares/assets offset used by OpenZeppelin's ERC-4626 implementation, or by seeding a non-trivial initial deposit at Vault creation. The attack cost scales with the **Vault asset's** decimals, not the chain's native-coin precision: a 6-decimal asset (e.g. USDT) is simply the cheaper case, on any chain. + +**Decimal basis.** TRX and most TIP-20 stablecoins use 6 decimals, while other TIP-20 tokens may differ. Each function's denomination follows from the interface semantics — `deposit`/`withdraw` and the asset side of `convert`/`preview` are in the underlying asset's decimals; `mint`/`redeem` and the share side are in the Vault share's decimals. Vaults SHOULD document their decimal basis, and integrators SHOULD read `decimals()` from both the Vault and the underlying token rather than hardcoding a precision. + ## Copyright Copyright and related rights waived via [CC0](https://github.com/tronprotocol/tips/blob/master/LICENSE.md).