search

code-423n4 / 2021-06-gro-findings

0 stars 1 forks source link

Wrong min amount check in `withdrawByStablecoin` #97

Open code423n4 opened 3 years ago

code423n4 commented 3 years ago

Handle

cmichel

Vulnerability details

Vulnerability Details

The WithdrawHandler.withdrawByStablecoin incorrectly uses the lpAmount instead of the minAmount in the check.

require(lpAmount > 0, "!minAmount");

Recommended Mitigation Steps

Use minAmount > 0 if trying to check for !minAmount or use a different error message for an invalid LP amount.

kitty-the-kat commented 2 years ago

non-critical style/comment issue

ghoul-sol commented 2 years ago

Agree with non-critical. This does not influence functionality assuming that lpAmount > 0 is correct check.