Open sherlock-admin3 opened 5 months ago
Such DoS doesn't meat requirements. This is because
stakeAmount
can be changed by changing maxStakeLimit on adapter and we can definitely avoid such revert if needed1 comment(s) were left on this issue during the judging contest.
z3s commented:
Low/Info; For an issue to be a valid Denial of Service (DoS), it must meet one of these criteria: 1. The issue causes locking of funds for users for more than a week. 2. The issue impacts the availability of time-sensitive functions. but The stakeAmount can be modified by changing the maxStakeLimit.
it's not because It can happens when depositing small amount. It's because stakeAmount is calculated by prefundedDeposit
. User deposit a large amount, stakeAmount can still be small amount (even zero) in _stake()
After the discussions on escalation on #54, this report will be the main issue of a new family.
no
high
Checking
RSETH_DEPOSIT_POOL.minAmountToDeposit()
inRsETHAdapter::_stake()
causes DosSummary
Checking
RSETH_DEPOSIT_POOL.minAmountToDeposit()
inRsETHAdapter::_stake()
causes DosVulnerability Detail
The _stake will revert in the condition that the stakeAmount is less than
RSETH_DEPOSIT_POOL.minAmountToDeposit()
, which is 100000000000000. This could always happens. Because stakeAmount is not the user's input, it is calculate by this protocal.The stakeAmount could be any small value. The users deposit right value using Tranche, but could revert, and they don't konw why.
Impact
The users deposit right value using Tranche, but could revert, and they don't konw why.
Code Snippet
https://github.com/sherlock-audit/2024-05-napier-update/blob/main/napier-uups-adapters/src/adapters/kelp/RsETHAdapter.sol#L77-L77
Tool used
Manual Review
Recommendation