Open code423n4 opened 2 years ago
broccoli
The _updatePosition function of ConcentratedLiquidityPool uses the < operator to ensure a user's liquidity does not exceed the maximum. However, we should use the <= operator instead.
_updatePosition
ConcentratedLiquidityPool
<
<=
Referenced code: ConcentratedLiquidityPool.sol#L549
Change < to <= in the referenced line of code.
Handle
broccoli
Vulnerability details
Impact
The
_updatePositionfunction ofConcentratedLiquidityPooluses the<operator to ensure a user's liquidity does not exceed the maximum. However, we should use the<=operator instead.Proof of Concept
Referenced code: ConcentratedLiquidityPool.sol#L549
Recommended Mitigation Steps
Change
<to<=in the referenced line of code.