User unable to withdraw remaining amount after partial withdrawal

[hats-bug-reporter[bot]]

Github username: -- Twitter username: 97Sabit Submission hash (on-chain): 0xb658426fd7ead10d229861fe301a9d9030a1e1fbc770e6b81c587c5aba31cf08 Severity: high

Description: Description\ The withdraw() function allows a user to withdraw part of their available amount by providing an id, address, amount, and signature.

However, once processedWithdrawals[id] is set to true after the first withdrawal, the user will not be able to withdraw the remaining amount later since the require statement on line 5 will fail:

require(processedWithdrawals[id] == false, "ALREADY_PROCESSED");

This prevents the user from withdrawing their full available amount in multiple transactions.

Steps to Reproduce:

1. User has 100 tokens available to withdraw
2. User calls withdraw() to withdraw 50 tokens
3. processedWithdrawals[id] is set to true
4. User tries to call withdraw() again to withdraw the remaining 50 tokens
5. The transaction fails at line 5 with "ALREADY_PROCESSED"

Suggested Fix:

• Only set processedWithdrawals[id] to true after the full amount has been withdrawn.
• Or, allow processedWithdrawals[id] to be true but still allow withdrawals as long as the amount is available.

This will enable users to make multiple partial withdrawals as needed.

1. Proof of Concept (PoC) File

   https://github.com/hats-finance/Blast-Futures-Exchange-0x97895c329b950755566ddcdad3395caaea395074/blob/d9b402f5124f1470f979ed9a6d010d89988f6dee/foundry/src/Bfx.sol#L48

[bahurum]

Duplicate of #18