Feature: Allows whitehats to use custom logic to track balances

[infosec-us-team]

Vulnerability Type

This commit introduces the snapshotBalance(address _user, IERC20[] memory _tokens, uint256[] memory _amounts) function, which allows the use of custom logic to track balances for specific tokens and amounts.

This functionality is useful for tracking virtual balances, for example:

• Tracking an attacker's virtual balance of underlying tokens inside a smart contract that holds funds from several users at the same time, and over time accrues interest on these funds.

Function details:

• snapshotBalance takes three arguments:
  • _user: The address of the attacker to be tracked.
  • _tokens: An array of IERC20 tokens to track the balance for.
  • _amounts: An array of corresponding token amounts to snapshot.
• The function returns an array of TokenBalance structs, each containing the address of the token and its snapshotted balance as an int256.

Usage

An example of usage is: Tracking the virtual balance of a loan in GammaSwap protocol before and after executing an exploit, then printing the profit.

// Initialize an array of tokens to track
IERC20[] tokens;
tokens.push(WETH);
tokens.push(USDC);

// Get the virtual balance of underlying collateral for a loan, in a GammaSwap pool
IGammaPool.LoanData memory data = viewer.loan(address(pool), loanId);
uint256[] memory amounts = new uint256[](2);
amounts[0] = data.tokensHeld[0];
amounts[1] = data.tokensHeld[1];

// Snapshot the balance of the attacker
snapshotBalance(address(this), tokens, amounts);

// Run the exploit
exploit();

// Get the new virtual balance of underlying collateral
data = viewer.loan(address(pool), loanId);
amounts[0] = data.tokensHeld[0];
amounts[1] = data.tokensHeld[1];

// Snapshot the balance of the attacker
snapshotBalance(address(this), tokens, amounts);

// Print the profit of the attacker
printProfit(address(this));

PR Checklist

• Attack Template
• Attack Example
• Test
• Readme Updated

[janbro]

Nice