Lines of code
https://github.com/code-423n4/2024-03-pooltogether/blob/480d58b9e8611c13587f28811864aea138a0021a/pt-v5-vault/src/PrizeVault.sol#L524-L546
Vulnerability details
Impact
The depositWithPermit function will revert transactions for tokens like stETH that lack EIP-2612 permit functionality, limiting its current usability.
Proof of Concept
User attempts to call depositWithPermit with stETH, providing necessary parameters including signature components (v, r, s) and _deadline.
The function attempts to execute IERC20Permit(address(_asset)).permit(...), expecting the asset to have a permit function as per EIP-2612.
stETH does not implement permit, so this call will not find the appropriate function to execute.
stETH fallback function is triggered due to the absence of the permit function.
stETH's fallback function is not designed to handle this type of call, resulting in a transaction revert.
Same Issue
Harvest finance gives a yield on stETH
Tools Used
Manual Review
Recommended Mitigation Steps
Consider implementing a wrapper or adapter for stETH to provide permit functionality, or use wrapped stETH (wstETH) that already has it.
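The failure described in the Proof of Concept, next to one vault-side way to tolerate it, as an added example that is not code from PrizeVault or from this report. NoPermitToken, PermitStepDemo, strictPermit and tolerantPermit are hypothetical names, and the try/catch followed by an allowance check is an alternative to the wrapper recommended above, not the report's own mitigation.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

interface IPermitAsset {
    function permit(address owner, address spender, uint256 value,
        uint256 deadline, uint8 v, bytes32 r, bytes32 s) external;
    function allowance(address owner, address spender) external view returns (uint256);
}

// Constructed stand-in for an asset without permit(): unknown selectors
// reach the fallback, which reverts (the behaviour the report describes).
contract NoPermitToken {
    mapping(address => mapping(address => uint256)) public allowance;

    function approve(address spender, uint256 value) external returns (bool) {
        allowance[msg.sender][spender] = value;
        return true;
    }

    fallback() external { revert("unknown selector"); }
}

// Hypothetical harness (not PrizeVault) isolating the permit step.
contract PermitStepDemo {
    // Unconditional call, as in the reported flow: the revert bubbles up.
    function strictPermit(address asset, address owner, uint256 assets,
        uint256 deadline, uint8 v, bytes32 r, bytes32 s) external {
        IPermitAsset(asset).permit(owner, address(this), assets, deadline, v, r, s);
    }

    // Tolerant variant: a failed permit is ignored, then allowance is enforced.
    function tolerantPermit(address asset, address owner, uint256 assets,
        uint256 deadline, uint8 v, bytes32 r, bytes32 s) external returns (bool permitRan) {
        // Without this, anyone could spend an allowance the owner set earlier.
        require(msg.sender == owner, "caller is not owner");
        try IPermitAsset(asset).permit(owner, address(this), assets, deadline, v, r, s) {
            permitRan = true;
        } catch {}
        require(IPermitAsset(asset).allowance(owner, address(this)) >= assets, "allowance too low");
    }
}
```

Against NoPermitToken, strictPermit always reverts, while tolerantPermit succeeds only once the owner has called approve for at least the deposit amount.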
Assessed type
Error