In Vault.sol, the state variable totalDepositCap is 'the maximum amount of value that can be deposited to the metavault at a time' according to the comment at L97.
The way it's used instead suggests a different meaning, i.e. 'the maximum amount of value that can be deposited to the metavault in total' (see L200).
Handle
0xsanson
Vulnerability details
Impact
In Vault.sol, the state variable
totalDepositCap
is 'the maximum amount of value that can be deposited to the metavault at a time' according to the comment at L97. The way it's used instead suggests a different meaning, i.e. 'the maximum amount of value that can be deposited to the metavault in total' (see L200).Proof of Concept
https://github.com/code-423n4/2021-09-yaxis/blob/main/contracts/v3/Vault.sol#L97 https://github.com/code-423n4/2021-09-yaxis/blob/main/contracts/v3/Vault.sol#L97
Tools Used
editor
Recommended Mitigation Steps
Check what's the intended behavior and either change the documentation or the usage in the deposit function.