code-423n4 / 2024-03-pooltogether-findings

Loss of fund as gas fund by user if 0 shares is minted in the yieldvault #351

Closed c4-bot-3 closed 5 months ago

c4-bot-3 commented 5 months ago

Lines of code

https://github.com/code-423n4/2024-03-pooltogether/blob/480d58b9e8611c13587f28811864aea138a0021a/pt-v5-vault/src/PrizeVault.sol#L835-L877

Vulnerability details

Impact

The _depositAndMint function lacks a critical check after minting shares to ensure that the minted amount is more than zero. This design flaw allows the minting of zero shares to the yield vault, resulting in the emission of zero yield shares. Users are charged a gas fee for a transaction that does not yield any meaningful result, leading to potential financial inefficiency and user dissatisfaction.

Proof of Concept

  1. When the condition _shares == 0 is met, the function reverts with the MintZeroShares error.

  2. However, after minting shares, there is no subsequent check to verify that the minted amount is greater than zero.

  3. Consequently, if yield _shares is zero, the transaction proceeds, emits zero yield shares, and charges the user a gas fee for a transaction with no meaningful impact.

Code Reference

https://github.com/code-423n4/2024-03-pooltogether/blob/480d58b9e8611c13587f28811864aea138a0021a/pt-v5-vault/src/PrizeVault.sol#L835-L877

Tools Used

Manual code analysis.

Recommended Mitigation Steps

To address the issue and enhance the user experience, it is crucial to implement a check after minting shares to ensure that the minted amount is more than zero. This prevents users from incurring gas fees for transactions that do not result in meaningful yield shares.

Update the code as follows:

// After minting shares, check that the minted amount is more than zero
uint256 _yieldVaultShares = yieldVault.previewDeposit(_assetsWithDust);
uint256 _assetsUsed = yieldVault.mint(_yieldVaultShares, address(this));
if (_assetsUsed == 0) {
    revert MintZeroYieldShares();
}

// 

By incorporating this adjustment, the function ensures that users are not charged gas fees for transactions that emit zero yield shares.

Assessed type

Invalid Validation
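
An added example, not part of the original report or the PoolTogether code: a Python model of the preview-then-mint sequence in the suggested snippet, assuming standard ERC-4626 rounding (deposit previews round down, mint costs round up) and no fees. `YieldVaultModel`, `deposit_with_guard` and the sample balances are constructed for illustration.

```python
"""Constructed model of ERC-4626 share rounding; not PrizeVault code."""


class MintZeroYieldShares(Exception):
    """Mirrors the error name used in the report's suggested check."""


class YieldVaultModel:
    # Hypothetical stand-in for the yield vault: integer math, no fees.
    def __init__(self, total_assets: int, total_supply: int):
        self.total_assets = total_assets
        self.total_supply = total_supply

    def preview_deposit(self, assets: int) -> int:
        # ERC-4626: shares quoted for a deposit round down.
        if self.total_supply == 0:
            return assets
        return assets * self.total_supply // self.total_assets

    def mint(self, shares: int) -> int:
        # ERC-4626: assets pulled for a mint round up. Returns assets used.
        if self.total_supply == 0:
            assets = shares
        else:
            assets = -(-shares * self.total_assets // self.total_supply)
        self.total_assets += assets
        self.total_supply += shares
        return assets


def deposit_with_guard(vault, assets_with_dust):
    """Preview, mint, then apply the post-mint check.

    Returns (shares, assets_used, dust_left_over).
    """
    shares = vault.preview_deposit(assets_with_dust)
    assets_used = vault.mint(shares)
    if assets_used == 0:  # same condition as the report's snippet
        raise MintZeroYieldShares(f"{assets_with_dust} assets -> 0 shares")
    return shares, assets_used, assets_with_dust - assets_used


def demo():
    # Constructed state: 2 assets per share, so 1 asset rounds to 0 shares.
    vault = YieldVaultModel(total_assets=2000, total_supply=1000)
    results = {"ok": deposit_with_guard(vault, 3)}
    try:
        deposit_with_guard(vault, 1)
    except MintZeroYieldShares as exc:
        results["reverted"] = str(exc)
    return results
```
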

c4-pre-sort commented 5 months ago

raymondfam marked the issue as insufficient quality report

c4-pre-sort commented 5 months ago

raymondfam marked the issue as duplicate of #33

c4-judge commented 5 months ago

hansfriese marked the issue as unsatisfactory: Invalid