nevillehuang
commented
7 months ago Invalid, known issue here, and affected amounts is extremely small
Closed sherlock-admin3 closed 7 months ago
nevillehuang
commented
7 months ago Invalid, known issue here, and affected amounts is extremely small
shaka
medium
User can lose up to 1 gwei on withdrawal.
Summary
Users can lose up to 1 gwei for withdrawals in ETH.
Vulnerability Detail
When a user requests a withdrawal in ETH, the amount of shares owed is reduced to the precision of a gwei, but the amount of restaking tokens to be pulled from the user's balance is not updated to reflect this. This means that the user can lose up to 1 gwei on withdrawal.
Impact
Users can lose up to 1 gwei on withdrawal.
Code Snippet
https://github.com/sherlock-audit/2024-02-rio-network-core-protocol/blob/main/rio-sherlock-audit/contracts/restaking/RioLRTCoordinator.sol#L105
Tool used
Manual Review
Recommendation
Adjust the
amountInfor the newsharesOwedvalue.