The lack of balance checks in the depositGivenInputAmount function can lead to various unpredictable consequences, because it allows a breach of the requirement "The pool's ratio of y to x must be within the interval [MIN_M, MAX_M)".
Proof of Concept
The depositGivenInputAmount function receives a depositedAmount parameter, which describes how many reserve tokens the user wants to deposit. Neither the depositGivenInputAmount function nor the _reserveTokenSpecified function performs balance checks similar to the checks in the _swap function. So users can deposit an amount of tokens that breaches the pool's ratio.
Tools Used
Manual review
Recommended Mitigation Steps
I suggest using the _checkBalances function in the depositGivenInputAmount function or in the _reserveTokenSpecified function.
Lines of code
https://github.com/code-423n4/2023-08-shell/blob/c61cf0e01bada04c3d6055acb81f61955ed600aa/src/proteus/EvolvingProteus.sol#L353-L380
Assessed type
Other
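The following is an added example, not code from the report or from the audited contract: a simplified Python model of a single-sided deposit showing how the ratio invariant is left unenforced without a post-deposit check and how a check in the style of _checkBalances rejects the deposit. The bounds, the function bodies, and the omission of the LP-token math are assumptions; the contract's actual MIN_M and MAX_M values are not given on this page.

```python
from fractions import Fraction

# Constructed placeholder bounds (assumption): the real MIN_M / MAX_M
# constants are not shown on the page.
MIN_M = Fraction(1, 100)
MAX_M = Fraction(100)


class BoundaryError(Exception):
    """Raised when the ratio y/x leaves the half-open interval [MIN_M, MAX_M)."""


def check_balances(x: int, y: int) -> None:
    # Hypothetical stand-in for _checkBalances: enforce MIN_M <= y/x < MAX_M.
    if x <= 0 or y <= 0:
        raise BoundaryError("non-positive reserve balance")
    ratio = Fraction(y, x)  # exact arithmetic, no rounding at the boundary
    if not (MIN_M <= ratio < MAX_M):
        raise BoundaryError(f"ratio {float(ratio):.6g} outside [MIN_M, MAX_M)")


def deposit_given_input_amount(x, y, deposited_amount, deposit_x=True, enforce=True):
    """Model of a single-sided deposit: only one reserve grows.

    Returns the new (x, y) balances. With enforce=False the function behaves
    like the reported code path (no balance check after the deposit).
    """
    if deposited_amount <= 0:
        raise ValueError("deposit must be positive")
    if deposit_x:
        new_x, new_y = x + deposited_amount, y
    else:
        new_x, new_y = x, y + deposited_amount
    if enforce:
        check_balances(new_x, new_y)  # the mitigation suggested in the report
    return new_x, new_y


if __name__ == "__main__":
    # Constructed sample pool: balanced reserves, ratio y/x = 1.
    x, y = 1_000, 1_000
    unchecked = deposit_given_input_amount(x, y, 200_000, enforce=False)
    print("unchecked balances:", unchecked, "ratio:", float(Fraction(unchecked[1], unchecked[0])))
    try:
        deposit_given_input_amount(x, y, 200_000)
    except BoundaryError as err:
        print("checked deposit rejected:", err)
```

Because the interval is half-open, a deposit that lands the ratio exactly on MAX_M must be rejected while one that lands exactly on MIN_M is accepted.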