search

code-423n4 / 2023-01-astaria-findings

5 stars 2 forks source link

> Should Be Used Instead Of >= #550

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-01-astaria/blob/main/src/PublicVault.sol#L586

Vulnerability details

Impact

The function afterDeposit (https://github.com/code-423n4/2023-01-astaria/blob/main/src/PublicVault.sol#L586) will revert for valid value of totalAssets.

Proof of Concept

The comparison here https://github.com/code-423n4/2023-01-astaria/blob/main/src/PublicVault.sol#L586 will consider totalAssets() = v.depositCap as a valid condition and it would revert , but totalAssets() = v.depositCap should not revert as in this condition the value of totalAssets is still inbound the depositCap and this can happen alot(totalAssets reaching depositCap). Making this revert would let valid transactions(mint and deposit ) revert.

Tools Used

Manual Analysis

Recommended Mitigation Steps

Use totalAssets() > v.depositCap instead

Picodes commented 1 year ago

Low severity at best considering it's a hedge case

c4-judge commented 1 year ago

Duplicate of https://github.com/code-423n4/2023-01-astaria-findings/issues/443