code-423n4 / 2021-12-amun-findings

input amount might be wrong #200

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Handle

certora

Vulnerability details

https://github.com/code-423n4/2021-12-amun/blob/main/contracts/basket/contracts/singleJoinExit/EthSingleTokenJoin.sol#L15

msg.value might be different than _joinTokenStruct.inputAmount.

Recommended Mitigation Steps

add:

require(msg.value == _joinTokenStruct.inputAmount);

0xleastwood commented 2 years ago

I think this is valid, the function will likely revert unknowingly to the user who calls this function.
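
The mismatch discussed in this thread, as an added example that is not part of the original issue and is not the Amun contract's code: a constructed model of a payable entry point, unchecked and with the recommended require. Only msg.value, _joinTokenStruct and inputAmount come from the finding; IWrappedEther, EthJoinModel, joinUnchecked, joinChecked and _spend are hypothetical names.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Constructed model for illustration; not the Amun contract.
interface IWrappedEther { // hypothetical minimal wrapped-ether interface
    function deposit() external payable;
    function transfer(address to, uint256 amount) external returns (bool);
}

contract EthJoinModel {
    struct JoinTokenStruct { // only inputAmount is taken from the finding
        uint256 inputAmount;
    }

    IWrappedEther public immutable wrapped;

    constructor(IWrappedEther _wrapped) {
        wrapped = _wrapped;
    }

    // Unchecked variant: wraps whatever was sent, then spends inputAmount.
    //  - msg.value < inputAmount: the later step fails on insufficient
    //    balance, with an error that says nothing about the mismatch.
    //  - msg.value > inputAmount: the surplus stays wrapped in this contract.
    function joinUnchecked(JoinTokenStruct calldata _joinTokenStruct) external payable {
        wrapped.deposit{value: msg.value}();
        _spend(_joinTokenStruct.inputAmount);
    }

    // Checked variant: the mitigation from the finding, plus a reason string
    // so the caller sees why the call was rejected before any ether is wrapped.
    function joinChecked(JoinTokenStruct calldata _joinTokenStruct) external payable {
        require(msg.value == _joinTokenStruct.inputAmount, "msg.value != inputAmount");
        wrapped.deposit{value: msg.value}();
        _spend(_joinTokenStruct.inputAmount);
    }

    // Stand-in for the swap/join step: moves the wrapped amount onward.
    function _spend(uint256 amount) private {
        require(wrapped.transfer(msg.sender, amount), "transfer failed");
    }
}
```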