Open c4-submissions opened 1 year ago
0xleastwood marked the issue as duplicate of #18
0xleastwood marked the issue as satisfactory
0xleastwood changed the severity to 3 (High Risk)
0xleastwood changed the severity to QA (Quality Assurance)
This previously downgraded issue has been upgraded by 0xleastwood
0xleastwood marked the issue as not a duplicate
0xleastwood changed the severity to QA (Quality Assurance)
0xleastwood removed the grade
elmutt (sponsor) confirmed
Lines of code
https://github.com/code-423n4/2023-09-asymmetry/blob/main/contracts/AfEth.sol#L176
Vulnerability details
Impact
The AfEth.requestWithdraw function calculates the withdraw time incorrectly, which causes the user to wait more time to receive funds.
Proof of Concept
When a user wants to withdraw, he needs to initiate requestWithdraw. As some part of the funds is locked as cvx token inside vlcvx, that means that they should be withdrawn. When you lock cvx, the amount is locked for some period, so you can't withdraw it for that time. For this reason the withdrawTime function exists, whose purpose is to calculate the time when the needed amount will be available to withdraw.
The problem is that the AfEth.requestWithdraw function checks when it will be possible to withdraw the whole amount. But as afEth consists of 2 tokens, that means that only part of amount should be withdrawn from the votium strategy. And this amount is votiumWithdrawAmount.
Because of that mistake the user may wait more time to get his funds.
Tools Used
VsCode
Recommended Mitigation Steps
Calculate withdraw time for votiumWithdrawAmount only.
Assessed type
Error
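A simplified model of the miscalculation reported above, added here as an illustration and not taken from AfEth.sol or the report. The lock schedule, the 50% votium share, the single shared unit for both amounts, and the helper names `withdraw_time` and `request_withdraw_times` are all assumptions made for the example.

```python
from dataclasses import dataclass

WEEK = 7 * 24 * 3600
NOW = 1_700_000_000  # constructed timestamp


@dataclass(frozen=True)
class Lock:
    unlock_time: int  # when this locked tranche becomes withdrawable
    amount: int       # locked CVX in this tranche (model units)


def withdraw_time(locks, amount, now):
    """Earliest time at which `amount` has unlocked (hypothetical model)."""
    available = 0
    for lock in sorted(locks, key=lambda l: l.unlock_time):
        available += lock.amount
        if available >= amount:
            return max(now, lock.unlock_time)
    raise ValueError("amount exceeds total locked balance")


def request_withdraw_times(locks, amount, votium_share_bps, now):
    """Return (time computed from the whole amount, time actually needed)."""
    # Only this part of the withdrawal has to leave the votium strategy.
    votium_withdraw_amount = amount * votium_share_bps // 10_000
    reported = withdraw_time(locks, amount, now)               # behaviour described in the report
    needed = withdraw_time(locks, votium_withdraw_amount, now)  # recommended mitigation
    return reported, needed


# Constructed lock schedule: three tranches of 40 units each.
SAMPLE_LOCKS = [
    Lock(NOW + 1 * WEEK, 40),
    Lock(NOW + 9 * WEEK, 40),
    Lock(NOW + 17 * WEEK, 40),
]

if __name__ == "__main__":
    reported, needed = request_withdraw_times(SAMPLE_LOCKS, 60, 5_000, NOW)
    print("weeks until withdraw (whole amount):", (reported - NOW) // WEEK)
    print("weeks until withdraw (votium part): ", (needed - NOW) // WEEK)
```

The two results only differ when the whole amount crosses into a later unlock tranche than the votium portion does, which is why the delay shows up for some requests and not others.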