code-423n4 / 2024-02-spectra-findings


Withdrawal Failure Due to Zero Redemption Amount #60

Closed c4-bot-5 closed 8 months ago

c4-bot-5 commented 8 months ago

Lines of code

https://github.com/code-423n4/2024-02-spectra/blob/main/src/tokens/PrincipalToken.sol#L303

Vulnerability details

Impact

In the withdrawIBT function, the previewRedeem function is called to estimate the amount of underlying assets redeemable for a given quantity of IBT tokens. If the previewRedeem function returns a redemption amount of zero, it suggests an insufficient availability of underlying assets for redemption.

Proof of Concept

function withdrawIBT(
    uint256 ibts,
    address receiver,
    address owner
) public override returns (uint256 shares) {
    _beforeWithdraw(IERC4626(ibt).previewRedeem(ibts), owner);
    (uint256 _ptRate, uint256 _ibtRate) = _getPTandIBTRates(false);
    shares = _withdrawShares(ibts, receiver, owner, _ptRate, _ibtRate);
    // send IBTs from this contract to receiver
    IERC20(ibt).safeTransfer(receiver, ibts);
}

The withdrawIBT function facilitates users' IBT token withdrawals from the contract, initiated upon user request.

function previewRedeem(uint256 shares) public view override returns (uint256) {
    return IERC4626(ibt).previewRedeem(previewRedeemForIBT(shares));
}

The previewRedeem function is utilized to forecast the redeemable underlying assets.

A zero redemption amount signifies insufficient underlying assets.

When the previewRedeem function returns zero, it signals a potential failure in fulfilling the withdrawal request due to inadequate underlying assets. Attempting to withdraw IBT tokens without sufficient underlying assets may result in failed withdrawals, leading to user dissatisfaction and potential financial losses.

Tools Used

Manual review

Recommended Mitigation Steps

To mitigate this risk, the contract could implement checks to prevent withdrawals when the redemption amount is zero. Additionally, providing informative error messages to users can clarify the reason for withdrawal failures and suggest alternative actions.

Assessed type

DoS
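The guard the mitigation section recommends, written out as an added example against the withdrawIBT body quoted above (this is not Spectra's code or the report author's; the custom error name ZeroRedemption and the decision to revert before _beforeWithdraw are assumptions):

```solidity
// Added example: zero-redemption guard for withdrawIBT. Everything except the
// identifiers already quoted in the report (ibt, _beforeWithdraw,
// _getPTandIBTRates, _withdrawShares, IERC4626, IERC20) is assumed.
error ZeroRedemption(uint256 ibts);

function withdrawIBT(
    uint256 ibts,
    address receiver,
    address owner
) public override returns (uint256 shares) {
    // Quote what the requested IBTs are worth in underlying assets.
    uint256 assets = IERC4626(ibt).previewRedeem(ibts);
    // A zero quote means the request cannot be served: fail early with an
    // informative error instead of burning shares and transferring nothing.
    if (assets == 0) revert ZeroRedemption(ibts);
    _beforeWithdraw(assets, owner);
    (uint256 _ptRate, uint256 _ibtRate) = _getPTandIBTRates(false);
    shares = _withdrawShares(ibts, receiver, owner, _ptRate, _ibtRate);
    // send IBTs from this contract to receiver
    IERC20(ibt).safeTransfer(receiver, ibts);
}
```

The revert carries the requested amount so an off-chain caller can distinguish a zero quote from any other failure in the withdrawal path.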

c4-pre-sort commented 8 months ago

gzeon-c4 marked the issue as duplicate of #246

c4-pre-sort commented 8 months ago

gzeon-c4 marked the issue as insufficient quality report

c4-judge commented 8 months ago

JustDravee marked the issue as unsatisfactory: Invalid