Closed code423n4 closed 1 year ago
This largely depends on the liquidator's implementation, which is out of scope
Picodes marked the issue as primary issue
Picodes marked issue #151 as primary and marked this issue as a duplicate of 151
Picodes marked the issue as unsatisfactory: Out of scope
Lines of code
https://github.com/GenerationSoftware/pt-v5-vault/blob/b1deb5d494c25f885c34c83f014c8a855c5e2749/src/Vault.sol#L565
Vulnerability details
Impact
There are a lot of checks to ensure the parameters of the liquidate function are correct. However, it does not check for _amountIn to NOT be 0, thus it lets the caller proceed and mint _amountOut tokens to _account without providing any
Proof of Concept
The only place it is used is in
which calls
and neither validate the _amount parameter, thus it proceeds to the mint call in line 584 of Vault.sol without reverting
Tools Used
Manual analysis
Recommended Mitigation Steps
Just check _amountIn to not be 0
Assessed type
Invalid Validation