Closed code423n4 closed 10 months ago
bytes032 marked the issue as duplicate of #867
bytes032 marked the issue as low quality report
bytes032 marked the issue as not a duplicate
the function will revert if there's not enough allowance
psytama (sponsor) disputed
GalloDaSballo marked the issue as unsatisfactory: Insufficient proof
Lines of code
https://github.com/code-423n4/2023-08-dopex/blob/main/contracts/perp-vault/PerpetualAtlanticVaultLP.sol#L145
Vulnerability details
Impact
This can lead to loss of funds for the protocol
Proof of Concept
In the
redeem
function ofPerpetualAtlanticVaultLP
, rdpx amount to send to the user is calculated in addition to the Weth and there is no check for if the user actually owns the rdpx.Tools Used
Manual Review
Recommended Mitigation Steps
Assessed type
Other