code-423n4 / 2024-04-revert-mitigation-findings


M-12 MitigationConfirmed #41

Closed c4-bot-4 closed 4 months ago

c4-bot-4 commented 4 months ago

Lines of code

Vulnerability details

C4 Issue

M-12: Wrong global lending limit check in _deposit function

Issue Details

V3Vault.sol defines a globalLendLimit variable that ensures the total amount of assets lent does not exceed the protocol limit - it is calculated in terms of the assets provided.

The problem was that the _deposit() function incorrectly checked if the globalLendLimit is reached by comparing it against the total shares, without converting them to assets first (as it should), because globalLendLimit is defined in terms of assets, not shares.

    if (totalSupply() > globalLendLimit) {
        revert GlobalLendLimit();
    }

Mitigation

PR-16 successfully mitigates the original issue by converting the shares to assets inside _deposit() before validating globalLendLimit.

        uint256 totalSupplyValue = _convertToAssets(totalSupply(), newLendExchangeRateX96, Math.Rounding.Up);
        if (totalSupplyValue > globalLendLimit) {
            revert GlobalLendLimit();
        }

Conclusion

Mitigation Confirmed
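
The unit mismatch described in the report above, as an added numeric model in Python (not part of the report and not the project's code). It assumes the X96 suffix means a 2**96 fixed-point exchange rate and that _convertToAssets computes shares * rate / 2**96; the helper names and all figures are constructed.

```python
# Added illustration: numeric model of the two limit checks, not V3Vault code.
Q96 = 2**96  # assumed fixed-point scale implied by the "X96" suffix


class GlobalLendLimit(Exception):
    """Stands in for the Solidity custom error of the same name."""


def convert_to_assets_up(shares: int, rate_x96: int) -> int:
    # Assumed model of _convertToAssets(..., Math.Rounding.Up): ceil(shares * rate / Q96).
    return -(-shares * rate_x96 // Q96)


def convert_to_shares_down(assets: int, rate_x96: int) -> int:
    # Assumed inverse used when minting shares for a deposit (rounds down).
    return assets * Q96 // rate_x96


def deposit(total_supply: int, assets: int, rate_x96: int, limit: int, mitigated: bool) -> int:
    """Mint shares for `assets`, then apply the original or the mitigated limit check."""
    new_supply = total_supply + convert_to_shares_down(assets, rate_x96)
    if mitigated:
        checked = convert_to_assets_up(new_supply, rate_x96)  # assets vs. assets
    else:
        checked = new_supply  # shares vs. assets: the reported unit mismatch
    if checked > limit:
        raise GlobalLendLimit(f"{checked} > {limit}")
    return new_supply


def demo() -> dict:
    # Constructed scenario: limit of 1,000,000 assets, exchange rate 1.25 after interest.
    rate, limit, supply, amount = Q96 * 5 // 4, 1_000_000, 700_000, 250_000
    result = {}
    for name, mitigated in (("original", False), ("mitigated", True)):
        try:
            shares = deposit(supply, amount, rate, limit, mitigated)
            result[name] = ("accepted", convert_to_assets_up(shares, rate))
        except GlobalLendLimit:
            result[name] = ("reverted", None)
    return result


if __name__ == "__main__":
    print(demo())
```

In this constructed scenario the original check accepts a deposit that leaves 1,125,000 assets lent against a limit of 1,000,000, while the mitigated check reverts; at an exchange rate of exactly 1.0 the two checks agree.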

BogoCvetkov commented 4 months ago

I've marked this as Mitigated based on the changes provided in the PR, because they were valid. However, the final repo with all the fixes applied does NOT fix this issue. And I have submitted it as a separate finding -> https://github.com/code-423n4/2024-04-revert-mitigation-findings/issues/64

c4-judge commented 4 months ago

jhsagd76 marked the issue as nullified