Open code423n4 opened 3 years ago
cmichel
The WithdrawHandler.withdrawByStablecoin incorrectly uses the lpAmount instead of the minAmount in the check.
WithdrawHandler.withdrawByStablecoin
lpAmount
minAmount
require(lpAmount > 0, "!minAmount");
Use minAmount > 0 if trying to check for !minAmount or use a different error message for an invalid LP amount.
minAmount > 0
!minAmount
non-critical style/comment issue
Agree with non-critical. This does not influence functionality assuming that lpAmount > 0 is correct check.
lpAmount > 0
Handle
cmichel
Vulnerability details
Vulnerability Details
The
WithdrawHandler.withdrawByStablecoin
incorrectly uses thelpAmount
instead of theminAmount
in the check.Recommended Mitigation Steps
Use
minAmount > 0
if trying to check for!minAmount
or use a different error message for an invalid LP amount.