Lines of code
https://github.com/GenerationSoftware/pt-v5-vault/blob/b1deb5d494c25f885c34c83f014c8a855c5e2749/src/Vault.sol#L394
Vulnerability details
Impact
In Vault.sol, the function mintYieldFee() allows minting the yield fee to the yield recipient. However, there are no checks on whether the user has ever deposited liquidity. This allows anybody to obtain shares without providing any economic incentive.
Proof of Concept
https://github.com/GenerationSoftware/pt-v5-vault/blob/b1deb5d494c25f885c34c83f014c8a855c5e2749/src/Vault.sol#L394-402
Tools Used
Manual review
Recommended Mitigation Steps
Add a check that the user meets specific criteria before they can mint the yield fee to themselves.
Assessed type
Access Control
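One way to implement the caller check recommended above, as an added example that is not the project's code: a simplified Solidity model in which only the configured yield fee recipient may call mintYieldFee(), and the mint target comes from storage. Every name other than mintYieldFee() is an assumption made for the illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Simplified model for illustration; not the Vault.sol source.
// All names except mintYieldFee() are assumptions.
contract YieldFeeModel {
    address public owner;
    address public yieldFeeRecipient;    // configured recipient of fee shares
    uint256 public yieldFeeTotalSupply;  // fee shares accrued but not yet minted
    mapping(address => uint256) public balanceOf;

    error NotOwner(address caller);
    error NotYieldFeeRecipient(address caller);
    error InsufficientYieldFee(uint256 requested, uint256 available);

    event MintYieldFee(address indexed caller, address indexed recipient, uint256 shares);

    constructor(address recipient_) {
        owner = msg.sender;
        yieldFeeRecipient = recipient_;
    }

    function setYieldFeeRecipient(address recipient_) external {
        if (msg.sender != owner) revert NotOwner(msg.sender);
        yieldFeeRecipient = recipient_;
    }

    // Stand-in for the vault's fee accounting (hypothetical hook).
    function accrueYieldFee(uint256 shares) external {
        if (msg.sender != owner) revert NotOwner(msg.sender);
        yieldFeeTotalSupply += shares;
    }

    // Hardened form: the caller must be the configured recipient, and the
    // mint target is read from storage rather than passed in by the caller.
    function mintYieldFee(uint256 shares) external {
        if (msg.sender != yieldFeeRecipient) revert NotYieldFeeRecipient(msg.sender);
        if (shares > yieldFeeTotalSupply) {
            revert InsufficientYieldFee(shares, yieldFeeTotalSupply);
        }
        yieldFeeTotalSupply -= shares;            // update accounting first
        balanceOf[yieldFeeRecipient] += shares;   // then credit the shares
        emit MintYieldFee(msg.sender, yieldFeeRecipient, shares);
    }
}
```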