code-423n4 / 2022-06-nested-findings


Attacker can grief users from withdrawing their tokens and causing users to lose money #41

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Lines of code

https://github.com/code-423n4/2022-06-nested/blob/b253ed80f67d1bb2a04e1702f5796fd96a7c521e/contracts/operators/Beefy/lp/BeefyZapUniswapLPVaultOperator.sol#L108

Vulnerability details

Impact

The balance of this contract of vault tokens in the require statement can stop users from withdrawing their tokens. 2 issues:

  1. vaultbalancebefore = balance of this contract of a vault's tokens; vaultamount = vaultbalancebefore - balance of vault right then when the user is executing this tx, which can be more or less, causing vaultamount to not == amount and causing users to revert. Same thing with the tokenamount require statement.

  2. Ex: Alice calls withdraw with 5 as amount and an attacker puts 100 tokens into this contract from that vault that Alice calls. When the attacker does this, vaultbalancebefore = 100 before the attacker gives this contract the tokens, and vaultamount = 100-1000, causing the function to revert and causing the user to lose gas.

Recommended Mitigation Steps

Have a min amount so it's not so absolute, or revert. Make a way where an attacker can't grief users. Add a way for the contract balance not to change in the tx.

obatirou commented 2 years ago

Attacker can grief users from withdrawing their tokens and causing users to lose money (disputed)

Not understood, and the example seems not relevant to the finding

  1. Not an issue
  2. What is the “1000” used in the calculation?