Open ghost opened 1 month ago
Description of the Bug:
If a Vault is unlocked, a user can use the deposit function. However, there are no restrictions on the msg.value.

Impact:
A malicious user can send transactions with msg.value = 0 and grief a Vault.

Solution:
require(msg.value > 0, "Cannot be zero")

Grief the vault how? His balances are updated based on msg.value, so if he passes 0 his balances won't be updated.