Closed code423n4 closed 1 year ago
https://github.com/code-423n4/2023-06-stader/blob/main/contracts/ValidatorWithdrawalVault.sol#L46 https://github.com/code-423n4/2023-06-stader/blob/main/contracts/StaderStakePoolsManager.sol#L78-L80
Eth may not complete successfully. As a result, the user will not receive their share from the validator.
Manual audit
Add to StaderStakePoolManager.receiveWithdrawVaultUserShare() function. if(msg.value == 0) revert Error
Token-Transfer
Picodes marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2023-06-stader/blob/main/contracts/ValidatorWithdrawalVault.sol#L46 https://github.com/code-423n4/2023-06-stader/blob/main/contracts/StaderStakePoolsManager.sol#L78-L80
Vulnerability details
Impact
Eth may not complete successfully. As a result, the user will not receive their share from the validator.
Tools Used
Manual audit
Recommended Mitigation Steps
Add to StaderStakePoolManager.receiveWithdrawVaultUserShare() function. if(msg.value == 0) revert Error
Assessed type
Token-Transfer