The receive function in YieldVault.sol may lead to locking up received ether from any user
Vulnerability Detail
It is possible for any user to send ether to YieldVault.sol contract by receive function, this ether sent to the contract will be locked up forever because there isn't any function to return miss sending ether.
Impact
Any unaware user may lose ether if sending to the contract using receive function
Summary
The receive function in YieldVault.sol may lead to locking up received ether from any user
Vulnerability Detail
It is possible for any user to send ether to
YieldVault.sol
contract byreceive
function, this ether sent to the contract will be locked up forever because there isn't any function to return miss sending ether.Impact
Any unaware user may lose ether if sending to the contract using receive function
Code Snippet
https://github.com/Fujicracy/fuji-v2/blob/main/packages/protocol/src/vaults/yield/YieldVault.sol#L56
Recommendation
1) Remove the fallback receive function if it's not necessary. 2) Add an admin function to recover ETH that got stuck in the contract.