Refund difference between msg.value and assets on native ETH transfers
DESCRIPTION
The internal function _deposit is called from both deposit and mint. On the
WETH path it pulls exactly the requested amount of assets from the caller,
but on the native ETH path it relies solely on msg.value: it checks that the
ETH sent covers assets, and any amount above assets is kept by the contract
without being credited or returned.
This inconsistency between the two paths can mislead a depositor. Someone
accustomed to the WETH path, where the balance debited is never more than the
assets input, may assume the ETH path behaves the same way, send a msg.value
that greatly exceeds assets, and be left un-refunded for the difference.
OVERPAYMENT OF ETH IS NOT REFUNDED TO DEPOSITOR
SEVERITY: Medium
PATH: MevEth.sol:_deposit(uint256):L488-495
https://github.com/manifoldfinance/mevETH2/blob/63edde66d91c263b919fe9c21e128a382219880e/src/MevEth.sol#L488-L495
REMEDIATION
Refund the difference between msg.value and assets on native ETH transfers, so that a depositor is debited exactly the assets amount on both paths.
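The following is an added illustration of the pattern described in the finding and of the suggested remediation; it is not MevEth's code. The contract, its 1:1 share accounting, the minimal IWETH interface and the function names depositUnsafe/depositSafe are all assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added illustration of the finding; this is NOT MevEth's code. The vault,
// its share accounting and the IWETH interface below are assumptions.
interface IWETH {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract DepositRefundExample {
    IWETH public immutable weth;
    // 1:1 share accounting, purely for illustration (assumed)
    mapping(address => uint256) public shares;

    error InsufficientValue(uint256 sent, uint256 required);
    error RefundFailed();

    constructor(IWETH weth_) {
        weth = weth_;
    }

    // The pattern the finding describes: with WETH exactly `assets` is pulled,
    // but with native ETH any msg.value >= assets is accepted and the surplus
    // stays in the contract with no credit to the depositor.
    function depositUnsafe(uint256 assets) external payable {
        if (msg.value == 0) {
            require(weth.transferFrom(msg.sender, address(this), assets), "WETH pull failed");
        } else {
            require(msg.value >= assets, "insufficient ETH");
            // msg.value - assets is silently retained here
        }
        shares[msg.sender] += assets;
    }

    // Hardened: both paths debit exactly `assets`. Any ETH surplus is refunded
    // only after state is updated (checks-effects-interactions), because the
    // refund call hands control to the caller and could otherwise reenter.
    function depositSafe(uint256 assets) external payable {
        uint256 surplus;
        if (msg.value == 0) {
            require(weth.transferFrom(msg.sender, address(this), assets), "WETH pull failed");
        } else {
            if (msg.value < assets) revert InsufficientValue(msg.value, assets);
            surplus = msg.value - assets;
        }
        shares[msg.sender] += assets;
        if (surplus != 0) {
            (bool ok, ) = msg.sender.call{value: surplus}("");
            if (!ok) revert RefundFailed();
        }
    }
}
```

A stricter alternative is to revert whenever msg.value != assets on the ETH path, which removes the external call entirely. That is reasonable for deposit, where the caller chooses assets, but for an ERC-4626-style mint the assets amount is derived from the share price at execution time and cannot be known exactly in advance, so callers must send a margin; refunding the surplus is the remediation that keeps mint usable with native ETH. Whichever option is chosen, a regression test should deposit with msg.value well above assets and assert that the depositor's ETH balance drops by exactly assets (plus gas).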