Closed c4-submissions closed 9 months ago
0xleastwood marked the issue as duplicate of #36
0xleastwood marked the issue as not a duplicate
0xleastwood marked the issue as duplicate of #18
So technically this is a duplicate of #18 and #36 but it fails to really describe either one in full detail. Not sure how this should be treated, but I will try to duplicate this issue so that it can be partially rewarded for both. 50% for #18 and 25% for #36.
0xleastwood changed the severity to 3 (High Risk)
0xleastwood marked the issue as partial-50
0xleastwood changed the severity to QA (Quality Assurance)
This previously downgraded issue has been upgraded by 0xleastwood
0xleastwood changed the severity to QA (Quality Assurance)
This previously downgraded issue has been upgraded by 0xleastwood
0xleastwood marked the issue as full credit
0xleastwood marked the issue as not a duplicate
0xleastwood marked the issue as duplicate of #36
0xleastwood changed the severity to 3 (High Risk)
0xleastwood marked the issue as partial-25
Lines of code
https://github.com/code-423n4/2023-09-asymmetry/blob/main/contracts/AfEth.sol#L175-L215
Vulnerability details
Impact
AfEth withdrawing will not work when the ratio is 0. It will not be possible to withdraw.
Proof of Concept
Any ratio for the 2 tokens of afEth can be set by the owner. The AfEth.withdraw function will not work if the ratio is 0, which means that the safEth percentage is 0. This is because safEth doesn't allow unstaking a 0 amount.
Also, when the ratio is e18, that means that the vEth percentage is 0, but the requestWithdraw function will still calculate the withdraw time, which is not needed in this case, and withdraw will be called.
Tools Used
VsCode
Recommended Mitigation Steps
First of all, calculate the withdraw time only for the vEth amount, not the whole amount. Then, if the ratio is e18, you don't need to do that. Also, don't unstake/withdraw 0 shares for safEth and vEth.
Assessed type
Error
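
A simplified Python model of the two edge cases reported above, added here as an illustration and not taken from AfEth.sol or from the submission. The mocks, function names, 1:1 redemption and the `LOCK` delay are assumptions, and the request and withdraw steps are folded into one call.

```python
E18 = 10**18            # ratio scale used in the report: 0 = all vEth, E18 = all safEth
LOCK = 16 * 7 * 86400   # constructed unlock delay for the vEth leg, in seconds


class ZeroAmount(Exception):
    """Stand-in for the revert the report says safEth raises on unstaking 0."""


class MockSafEth:
    def unstake(self, amount):
        if amount == 0:
            raise ZeroAmount("safEth: cannot unstake 0")
        return amount  # assumption: 1 unit redeems 1 wei


class MockVEth:
    def withdraw_time(self, amount):
        return LOCK  # assumption: a delay is reported whatever the amount

    def withdraw(self, amount):
        return amount  # assumption: 1 unit redeems 1 wei


def split(amount, ratio):
    """Split a withdrawal into (safEth part, vEth part) by the owner-set ratio."""
    saf_part = amount * ratio // E18
    return saf_part, amount - saf_part


def withdraw_unguarded(amount, ratio):
    """Behaviour described in the report: both legs always run."""
    saf_eth, v_eth = MockSafEth(), MockVEth()
    saf_part, v_part = split(amount, ratio)
    unlock = v_eth.withdraw_time(amount)   # whole amount, even when v_part == 0
    out = saf_eth.unstake(saf_part)        # raises when ratio == 0
    out += v_eth.withdraw(v_part)
    return out, unlock


def withdraw_guarded(amount, ratio):
    """Recommended mitigation: skip zero legs, time only the vEth part."""
    saf_eth, v_eth = MockSafEth(), MockVEth()
    saf_part, v_part = split(amount, ratio)
    unlock = v_eth.withdraw_time(v_part) if v_part else 0
    out = saf_eth.unstake(saf_part) if saf_part else 0
    if v_part:
        out += v_eth.withdraw(v_part)
    return out, unlock
```
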