Users who are unaware of this bug may enlist the rollover of their entire asset to next epoch, only to find out that mintRollovers skips executing the operation since the “entitledShares == queue[index].assets”
Vulnerability Detail
enlistInRollover does not prevent user from enlisting full amount of balance to another epochId, as it only check:
if (balanceOf(_receiver, _epochId) < _assets) // @audit the other _epochId?
revert InsufficientBalance();
Yet, in mintRollOver, ‘==‘ will be skipped.
Impact
When such cases happen, the user has to explicitly delistInRollover and re-deposit for next epoch, costing gas and opportunity.
datapunk
medium
User cannot roll over all of their assets
Summary
Users who are unaware of this bug may enlist the rollover of their entire asset to next epoch, only to find out that mintRollovers skips executing the operation since the “entitledShares == queue[index].assets”
Vulnerability Detail
enlistInRollover does not prevent user from enlisting full amount of balance to another epochId, as it only check:
Yet, in mintRollOver, ‘==‘ will be skipped.
Impact
When such cases happen, the user has to explicitly delistInRollover and re-deposit for next epoch, costing gas and opportunity.
Code Snippet
https://github.com/sherlock-audit/2023-03-Y2K/blob/main/Earthquake/src/v2/Carousel/Carousel.sol#L401
Tool used
Manual Review
Recommendation
Change > to >=