search

sherlock-audit / 2022-09-notional-judging

4 stars 2 forks source link

Bnke0x0 - User's may accidentally overpay in depositVaultCashToStrategyTokens()/repaySecondaryCurrencyFromVault()/_redeem() and the excess will be paid to the vault creator #4

Closed rcstanciu closed 1 year ago

rcstanciu commented 1 year ago

Bnke0x0

medium

User's may accidentally overpay in depositVaultCashToStrategyTokens()/repaySecondaryCurrencyFromVault()/_redeem() and the excess will be paid to the vault creator

Summary

User's may accidentally overpay in depositVaultCashToStrategyTokens()/repaySecondaryCurrencyFromVault()/_redeem() and the excess will be paid to the vault creator

Vulnerability Detail

Impact

It is possible for a user purchasing an option to accidentally overpay the premium during depositVaultCashToStrategyTokens()/repaySecondaryCurrencyFromVault()/_redeem() .

Any excess funds paid for in excess of the premium will be transferred to the vault creator.

Code Snippet

  1. https://github.com/sherlock-audit/2022-09-notional/blob/main/contracts-v2/contracts/external/actions/VaultAction.sol#L191

        'require(vaultConfig.minCollateralRatio <= collateralRatio, "Insufficient Collateral");'

  2. https://github.com/sherlock-audit/2022-09-notional/blob/main/contracts-v2/contracts/external/actions/VaultAction.sol#L336

        ' require(balanceTransferred >= underlyingExternalToRepay, "Insufficient Repay");'

  3. https://github.com/sherlock-audit/2022-09-notional/blob/main/contracts-v2/contracts/internal/vaults/VaultConfiguration.sol#L635

        'require(residualRequired <= msg.value, "Insufficient repayment");'

  4. https://github.com/sherlock-audit/2022-09-notional/blob/main/contracts-v2/contracts/internal/vaults/VaultConfiguration.sol#L651

        ' require(amountTransferred >= underlyingExternalToRepay, "Insufficient repayment");'

Tool used

Manual Review

Recommendation

Consider changing '>=' to '=='

  1. https://github.com/sherlock-audit/2022-09-notional/blob/main/contracts-v2/contracts/external/actions/VaultAction.sol#L191

        'require(vaultConfig.minCollateralRatio == collateralRatio, "Insufficient Collateral");'

  2. https://github.com/sherlock-audit/2022-09-notional/blob/main/contracts-v2/contracts/external/actions/VaultAction.sol#L336

        ' require(balanceTransferred == underlyingExternalToRepay, "Insufficient Repay");'

  3. https://github.com/sherlock-audit/2022-09-notional/blob/main/contracts-v2/contracts/internal/vaults/VaultConfiguration.sol#L635

        'require(residualRequired == msg.value, "Insufficient repayment");'

  4. https://github.com/sherlock-audit/2022-09-notional/blob/main/contracts-v2/contracts/internal/vaults/VaultConfiguration.sol#L651

        ' require(amountTransferred == underlyingExternalToRepay, "Insufficient repayment");'