Closed sherlock-admin3 closed 4 months ago
Drynooo
medium
The parameters used to call the depositStETH function in the _stake function are incorrect and will cause the execution to fail.
The current depositStETH function of the PUFFER_DEPOSITOR contract contains a receiver parameter, but this parameter is missing in the current protocol call, and the call will fail.
The normal staking function cannot be used and users cannot stake.
/** * @inheritdoc IPufferDepositorV2 */ function depositStETH(Permit calldata permitData, address recipient) external restricted returns (uint256 pufETHAmount)
// Stake stETH to PufferDepositor uint256 _pufETHAmt = PUFFER_DEPOSITOR.depositStETH(Permit(block.timestamp, _stETHAmt, 0, 0, 0));
Manual Review
It is recommended to transfer the correct parameters.
Duplicate of #21
Drynooo
medium
The _stake function in the PufETHAdapter contract will revert
Summary
The parameters used to call the depositStETH function in the _stake function are incorrect and will cause the execution to fail.
Vulnerability Detail
The current depositStETH function of the PUFFER_DEPOSITOR contract contains a receiver parameter, but this parameter is missing in the current protocol call, and the call will fail.
Impact
The normal staking function cannot be used and users cannot stake.
Code Snippet
Tool used
Manual Review
Recommendation
It is recommended to transfer the correct parameters.
Duplicate of #21