Spender have unrestricted access to the account's shares.
Summary
The approve function allows the approval of an unlimited number of shares to be spent by a spender. It does not impose any limit on the amount parameter leading to unauthorized access and loss of funds.
Vulnerability Detail
If an attacker gains control of a user's account and approves an unlimited number of shares to be spent by a malicious contract, it can lead to the depletion of the user's share balance or allow the attacker to manipulate the vault's state and potentially cause financial losses.
Impact
It gives the spender the ability to transfer a significant amount of shares from the caller's account without any additional authorization. This can result in the loss of the caller's shares or unintended transfers to unauthorized recipients.
Modify the approve function to include a check that limits the approval amount. In the example, in the link below a maximum approval limit is set to 1000 shares (you can adjust this value according to your requirements). The function checks if the amount parameter exceeds the maximum limit, and if so, it reverts the transaction with an error message:
https://github.com/seerether/Perrenial/blob/main/perrenialmitigation11
seerether
high
Spender have unrestricted access to the account's shares.
Summary
The approve function allows the approval of an unlimited number of shares to be spent by a spender. It does not impose any limit on the amount parameter leading to unauthorized access and loss of funds.
Vulnerability Detail
If an attacker gains control of a user's account and approves an unlimited number of shares to be spent by a malicious contract, it can lead to the depletion of the user's share balance or allow the attacker to manipulate the vault's state and potentially cause financial losses.
Impact
It gives the spender the ability to transfer a significant amount of shares from the caller's account without any additional authorization. This can result in the loss of the caller's shares or unintended transfers to unauthorized recipients.
Code Snippet
https://github.com/sherlock-audit/2023-05-perennial/blob/main/perennial-mono/packages/perennial-vaults/contracts/balanced/BalancedVault.sol#L236-L240
Tool used
Manual Review
Recommendation
Modify the approve function to include a check that limits the approval amount. In the example, in the link below a maximum approval limit is set to 1000 shares (you can adjust this value according to your requirements). The function checks if the amount parameter exceeds the maximum limit, and if so, it reverts the transaction with an error message: https://github.com/seerether/Perrenial/blob/main/perrenialmitigation11