Seems to be an inattention error

[code423n4]

Lines of code

https://github.com/Rari-Capital/solmate/blob/1205a9067ff957ef8b0b003ff9d77c20ef9f2e0b/src/mixins/ERC4626.sol#L67

Vulnerability details

Shouldn't it be _mint(to, shares); ?

Currently the using mint, one would receive as many shares as assets they transfer, which is not the intended behaviour

[Joeysantoro]

https://github.com/Rari-Capital/solmate/commit/fd67739ec00b8441605f6dcf04d83458884fa3d0 fixed

[GalloDaSballo]

Duplicate of #27