Open c4-submissions opened 11 months ago
raymondfam marked the issue as sufficient quality report
raymondfam marked the issue as duplicate of #36
fatherGoose1 marked the issue as unsatisfactory: Invalid
fatherGoose1 changed the severity to QA (Quality Assurance)
fatherGoose1 marked the issue as grade-b
Lines of code
https://github.com/code-423n4/2023-10-ethena/blob/ee67d9b542642c9757a6b826c82d0cae60256509/contracts/EthenaMinting.sol#L352-L355
Vulnerability details
Impact
in the
Ethenaminting.sol
Contract and in theVerifyRoute()
function in line 353 there isIF
that checks if the order type isordertype.REDEEM
but as you saw in the comments of that if it suppose to// routes only used to mint
so that means ordertype. should not be redeem. but it is and it should return false instead of true
Proof of Concept
Tools Used
vs code / brain
Recommended Mitigation Steps
Assessed type
Other