code-423n4 / 2023-11-kelp-findings


It should be divided by token.decimals in `getRsETHAmountToMint` #205

Closed c4-submissions closed 11 months ago

c4-submissions commented 11 months ago

Lines of code

https://github.com/code-423n4/2023-11-kelp/blob/c5fdc2e62c5e1d78769f44d6e34a6fb9e40c00f0/src/LRTDepositPool.sol#L109

Vulnerability details

Impact

If the asset has decimals other than 18 (RSETH decimals), it would lead to incorrect calculations, or even to being unable to mint tokens.

Proof of Concept

E.g. users want to give the USDT asset, which has 6 decimals; this would lead to the issue.

I know that Eigenlayer supports only stETH, rETH and cbETH as of today, but they can change something. This is why I set this as a medium issue.

Tools Used

manual

Recommended Mitigation Steps

It should check the asset tokens and multiply them to reach 18.

Assessed type

Decimal
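
An integer model of the scaling concern raised in the report above, added here as an example (it is not code from the Kelp repository or from the submitter). It assumes a mint formula of `amount * assetPrice / rsETHPrice` with 18-decimal prices, which the page does not show; the function names and sample values are constructed.

```python
# Added example: integer model of a price-ratio mint calculation.
# Assumption (not on the page): minted = amount * asset_price // rseth_price,
# with both prices in 18-decimal fixed point. All names here are hypothetical.

RSETH_DECIMALS = 18
WAD = 10 ** 18


def to_18_decimals(amount: int, token_decimals: int) -> int:
    """Rescale a raw token amount to 18-decimal units (floors on downscale)."""
    if amount < 0 or token_decimals < 0:
        raise ValueError("amount and decimals must be non-negative")
    if token_decimals <= RSETH_DECIMALS:
        return amount * 10 ** (RSETH_DECIMALS - token_decimals)
    # More than 18 decimals: anything below 1e-18 of a token is truncated.
    return amount // 10 ** (token_decimals - RSETH_DECIMALS)


def rseth_to_mint_raw(amount: int, asset_price: int, rseth_price: int) -> int:
    """Mint amount computed on the raw deposit, ignoring token decimals."""
    if rseth_price <= 0:
        raise ValueError("rsETH price must be positive")
    return amount * asset_price // rseth_price


def rseth_to_mint_normalized(amount: int, token_decimals: int,
                             asset_price: int, rseth_price: int) -> int:
    """Mint amount computed after rescaling the deposit to 18 decimals."""
    scaled = to_18_decimals(amount, token_decimals)
    return rseth_to_mint_raw(scaled, asset_price, rseth_price)


def demo():
    """Deposit 100 whole tokens at a constructed 1:1 price for two token types."""
    price = WAD
    rows = []
    for name, decimals in (("18-decimal LST", 18), ("6-decimal token", 6)):
        deposit = 100 * 10 ** decimals
        rows.append((name,
                     rseth_to_mint_raw(deposit, price, price),
                     rseth_to_mint_normalized(deposit, decimals, price, price)))
    return rows


if __name__ == "__main__":
    for name, raw, normalized in demo():
        print(f"{name}: raw={raw} normalized={normalized}")
```

For the 18-decimal asset both paths agree; for the 6-decimal asset the raw path is smaller by a factor of 10^12, which is the discrepancy the report describes.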

c4-pre-sort commented 11 months ago

raymondfam marked the issue as insufficient quality report

c4-pre-sort commented 11 months ago

raymondfam marked the issue as duplicate of #122

c4-judge commented 10 months ago

fatherGoose1 marked the issue as unsatisfactory: Invalid