Closed code423n4 closed 2 years ago
hubble
The current code allows deposit and sponsor for a value of 0 amount, which may unnecessarily add up to the deposits mapping in storage.
File : Vault.sol line# 160 , function deposit(DepositParams calldata _params) external { line# 244 , function sponsor(uint256 _amount, uint256 _lockedUntil)
Manual review and unit test
Check for 0 amount via a require statement in these two functions.
Duplicate of https://github.com/code-423n4/2022-01-sandclock-findings/issues/64
Handle
hubble
Vulnerability details
Impact
The current code allows deposit and sponsor for a value of 0 amount, which may unnecessarily add up to the deposits mapping in storage.
Proof of Concept
File : Vault.sol line# 160 , function deposit(DepositParams calldata _params) external { line# 244 , function sponsor(uint256 _amount, uint256 _lockedUntil)
Tools Used
Manual review and unit test
Recommended Mitigation Steps
Check for 0 amount via a require statement in these two functions.