Summary
Because the vaults are deployed with create2, the address each vault will be deployed to is deterministic and can be predicted. Knowing this, an attacker can predict the address at which a particular user's vault will be deployed and send ether to it, as little as 1 wei, and that user won't be able to deploy their vault ever again.
Vulnerability Detail
When codehash is read on an address, it returns bytes32(0) only if the address holds no ether, has no code, and has a nonce of zero. If the address holds ether, even without any code, codehash instead returns the keccak256 hash of the empty string, 0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470. Because the contract requires codehash to be 0x0 before it deploys, that user will never be able to deploy their vault.
    function deployVault() external {
        address vaultAddress = computeAddress();
        if (vaultAddress.codehash != bytes32(0)) {
            revert AlreadyDeployed();
        }
        bytes32 salt = bytes32(uint256(uint160(msg.sender)));
        vaultAddress = address(new Vault{salt: salt}(msg.sender));
    }
Impact
An attacker can cause a denial of service (DoS) on the deployVault function for a user or a group of users.
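One way to harden the check, as an added example that is not the project's own code: test for deployed code instead of a zero codehash, so a pre-funded address still counts as not deployed. The `Vault` stub, the body of `computeAddress()`, and the contract name `VaultFactory` are assumptions made so the file compiles on its own.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal stand-in for the project's Vault (assumed: constructor takes the owner).
contract Vault {
    address public immutable owner;

    constructor(address _owner) {
        owner = _owner;
    }
}

contract VaultFactory {
    error AlreadyDeployed();

    // Assumed body: the standard CREATE2 derivation, using the same salt and
    // constructor argument that deployVault() uses for msg.sender.
    function computeAddress() public view returns (address) {
        bytes32 salt = bytes32(uint256(uint160(msg.sender)));
        bytes32 initCodeHash = keccak256(
            abi.encodePacked(type(Vault).creationCode, abi.encode(msg.sender))
        );
        return address(uint160(uint256(keccak256(
            abi.encodePacked(bytes1(0xff), address(this), salt, initCodeHash)
        ))));
    }

    // codehash by account state:
    //   no ether, no code, nonce 0 -> bytes32(0)
    //   ether but no code          -> keccak256("") = 0xc5d2...a470
    //   deployed contract          -> keccak256(runtime code)
    // code.length is 0 in the first two states, so 1 wei sent to the
    // predicted address no longer makes the check revert.
    function deployVault() external returns (address vaultAddress) {
        vaultAddress = computeAddress();
        if (vaultAddress.code.length != 0) {
            revert AlreadyDeployed();
        }
        bytes32 salt = bytes32(uint256(uint160(msg.sender)));
        vaultAddress = address(new Vault{salt: salt}(msg.sender));
    }
}
```

A second call by the same user still reverts with `AlreadyDeployed`, because the vault's runtime code is then present at the computed address.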