tokens can get lost at some mint process

[code423n4]

Lines of code

https://github.com/code-423n4/2022-11-redactedcartel/blob/684627b7889e34ba7799e50074d138361f0f532b/src/PxERC20.sol#L45-L55 https://github.com/code-423n4/2022-11-redactedcartel/blob/684627b7889e34ba7799e50074d138361f0f532b/src/vaults/PirexERC4626.sol#L60-L78 https://github.com/code-423n4/2022-11-redactedcartel/blob/684627b7889e34ba7799e50074d138361f0f532b/src/vaults/PirexERC4626.sol#L80-L97

Vulnerability details

tokens can get lost at some mint process

Impact

In AutoPxGmx.receiver and AutoPxGlp.deposit it is being checked to not be address(0) in order of not losing tokens by error, however in other places they are not being checked and can cause a loss of assets

• It is being checked: https://github.com/code-423n4/2022-11-redactedcartel/blob/684627b7889e34ba7799e50074d138361f0f532b/src/vaults/AutoPxGmx.sol#L376 https://github.com/code-423n4/2022-11-redactedcartel/blob/684627b7889e34ba7799e50074d138361f0f532b/src/vaults/AutoPxGlp.sol#L304-L322

  Github Permalinks

Possible loss of assets

• mint https://github.com/code-423n4/2022-11-redactedcartel/blob/684627b7889e34ba7799e50074d138361f0f532b/src/PxERC20.sol#L45-L55 _mint(to, amount);

• deposit https://github.com/code-423n4/2022-11-redactedcartel/blob/684627b7889e34ba7799e50074d138361f0f532b/src/vaults/PirexERC4626.sol#L60-L78 _mint(receiver, shares);

• mint https://github.com/code-423n4/2022-11-redactedcartel/blob/684627b7889e34ba7799e50074d138361f0f532b/src/vaults/PirexERC4626.sol#L80-L97 _mint(receiver, shares);

Mitigation

Check not to send tokens to 0 address

[Picodes]

address(0) checks fall within QA

[c4-judge]

Duplicate of https://github.com/code-423n4/2022-11-redactedcartel-findings/issues/408