Closed code423n4 closed 1 year ago
dmvt marked the issue as duplicate of #252
RedVeil marked the issue as sponsor confirmed
dmvt marked the issue as partial-50
dmvt marked the issue as duplicate of #365
dmvt marked the issue as not a duplicate
dmvt marked the issue as duplicate of #306
dmvt marked the issue as satisfactory
Lines of code
https://github.com/code-423n4/2023-01-popcorn/blob/d95fc31449c260901811196d617366d6352258cd/src/vault/adapter/abstracts/AdapterBase.sol#L531
Vulnerability details
The performance fees are only accrued when `shareValue > highWaterMark_`. `highWaterMark` is set in the initializer as `1e18`.
The issue is that the value returned by `convertToAssets` will be in `assets.decimals`
ERC4626Upgradeable:
This means the performance fee will never be accrued for a token with low decimals:
Take for example `USDC` as an asset. Even if it reaches a share value of `1.5:1`, the value returned will be `1.5*1e6`, which is much lower than `1e18`, meaning no performance fee is accrued, although it should be.
Impact
Medium
Tools Used
Manual Analysis
Mitigation
`highWaterMark` should be set to `10**asset.decimals()`, not `1e18`
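
The arithmetic behind the finding and the mitigation, as an added example: a simplified Python model, not the AdapterBase.sol code. It assumes shares use the asset's decimals and a fee rate expressed as an 18-decimal fraction; the function names and the vault balances are constructed for illustration.

```python
# Simplified model of a high-water-mark performance fee.
# Constructed for illustration; not the AdapterBase.sol implementation.

FEE_SCALE = 10**18   # assumption: fee rate is an 18-decimal fraction (1e17 = 10%)
FIXED_MARK = 10**18  # high-water mark as the report says the initializer sets it


def share_value(total_assets: int, total_supply: int, decimals: int) -> int:
    """Assets backing one whole share, in the asset's base units."""
    one_share = 10**decimals  # assumption: shares use the asset's decimals
    return one_share * total_assets // total_supply


def accrued_fee(total_assets, total_supply, decimals, high_water_mark, fee_rate):
    """Fee in asset base units; zero unless share value exceeds the mark."""
    value = share_value(total_assets, total_supply, decimals)
    if fee_rate == 0 or value <= high_water_mark:
        return 0
    profit = (value - high_water_mark) * total_supply // 10**decimals
    return profit * fee_rate // FEE_SCALE


def compare_marks(decimals: int, fee_rate: int = 10**17):
    """Return (fee with fixed 1e18 mark, fee with 10**decimals mark).

    Constructed scenario: 1,000,000 shares backed by 1,500,000 tokens,
    i.e. the 1.5:1 share value used in the report.
    """
    unit = 10**decimals
    total_supply = 1_000_000 * unit
    total_assets = 1_500_000 * unit
    fixed = accrued_fee(total_assets, total_supply, decimals, FIXED_MARK, fee_rate)
    scaled = accrued_fee(total_assets, total_supply, decimals, unit, fee_rate)
    return fixed, scaled


if __name__ == "__main__":
    for name, decimals in [("USDC-like", 6), ("8-decimal token", 8), ("18-decimal token", 18)]:
        fixed, scaled = compare_marks(decimals)
        print(f"{name}: share value {share_value(15, 10, decimals)}, "
              f"fee with 1e18 mark = {fixed}, fee with 10**decimals mark = {scaled}")
```

For an 18-decimal asset the two marks coincide, which is why the problem only shows up with assets that use fewer decimals.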