c4-judge
commented
1 year ago dmvt marked the issue as duplicate of #247
Closed c4-judge closed 1 year ago
c4-judge
commented
1 year ago dmvt marked the issue as duplicate of #247
c4-judge
commented
1 year ago dmvt marked the issue as satisfactory
c4-judge
commented
1 year ago dmvt marked the issue as unsatisfactory: Out of scope
Judge has assessed an item in Issue #374 as M risk. The relevant finding follows:
[L-03] WETHGateway.repayETH will revert if msg.value > paybackAmount In the repayETH function, paybackAmount eth will be deposit to WETH contract to get paybackAmount weth back.
WETH.deposit{value: paybackAmount}(); And then repay msg.value to pool
IPool(pool).repay(address(WETH), msg.value, onBehalfOf); Here if msg.value > paybackAmount, IPool(pool).repay will revert due to insufficient weth.
Recommendation change
IPool(pool).repay(address(WETH), msg.value, onBehalfOf); to
IPool(pool).repay(address(WETH), paybackAmount, onBehalfOf); https://github.com/code-423n4/2022-11-paraspace/blob/main/paraspace-core/contracts/ui/WETHGateway.sol#L112-L113