Open code423n4 opened 3 years ago
Given the context that the warden has, the finding is valid; we're missing two functions for calcMint.
As for us, we have shifted to only using pool 0; as such, the code works fine for us.
Handle
gzeon
Vulnerability details
Impact
calcMint in Zap.sol always returns poolId=0 and idx=0, while the docstring specified it should return the most optimal route instead. This will lead to suboptimal zap.
Proof of Concept
https://github.com/Badger-Finance/ibbtc/blob/d8b95e8d145eb196ba20033267a9ba43a17be02c/contracts/Zap.sol#L156
Tools Used
Recommended Mitigation Steps