search

sherlock-audit / 2024-05-napier-update-judging

8 stars 7 forks source link

merlin - The _stake function in the PufETHAdapter will always fail #43

Closed sherlock-admin4 closed 4 months ago

sherlock-admin4 commented 5 months ago

merlin

medium

The _stake function in the PufETHAdapter will always fail

Summary

The PufETHAdapter smart contract attempts to call the depositStETH function in the Puffer Depositor smart contract, but as indicated in the title, this call will always fail.

Vulnerability Detail

Here's what happens when a user calls the issue function in Tranche.sol with the PufETHAdapter adapter:

issue
   adapter.prefundedDeposit()
      _stake
         PUFFER_DEPOSITOR.depositStETH

The PufETHAdapter interacts with PUFFER_DEPOSITOR (0x4aA799C5dfc01ee7d790e3bf1a7C2257CE1DcefF) and makes the following call:

PUFFER_DEPOSITOR.depositStETH(Permit(block.timestamp, _stETHAmt, 0, 0, 0));

However, if we look at the depositStETH function, it takes two arguments:

function depositStETH(Permit calldata permitData, address recipient)

Therefore, the depositStETH call will always fail because the function is being called with only one argument, missing the address recipient.

Impact

Users cannot make deposits into the Puffer protocol.

Code Snippet

src/adapters/puffer/PufETHAdapter.sol#L82

Tool used

Manual Review

Recommendation

Consider calling the depositStETH function with two arguments: Permit permitData and address recipient.

Duplicate of #21