Potential Incompatibility Issue with PufETHAdapter::_stake Function
Summary
The PufETHAdapter::_stake function is used to stake ether and this function calls puffer depositor's depositStETH function. However the implementation is not compatible with the deployed puffer depositor's depositStETH and it will always revert.
The PufETHAdapter::_stake function is responsible for staking Ether. This function calls the depositStETH function on the Puffer Depositor contract to handle the staking process.
However, the implementation of the PufETHAdapter::_stake function is incompatible with the deployed version of the Puffer Depositor's depositStETH function. Whenever the PufETHAdapter attempts to call depositStETH, the transaction will revert, causing the entire _stake operation to fail.
Vulnerability Detail
The PufETHAdapter::_stake calls the depositStETH function on the PUFFER_DEPOSITOR contract at L82.
The implementation of the PUFFER_DEPOSITOR.depositStETH function is as follows:
function depositStETH(Permit calldata permitData, address recipient)
external
restricted
returns (uint256 pufETHAmount)
{
try ERC20Permit(address(_ST_ETH)).permit({
owner: msg.sender,
spender: address(this),
value: permitData.amount,
deadline: permitData.deadline,
v: permitData.v,
s: permitData.s,
r: permitData.r
}) { } catch { }
// Transfer stETH from user to this contract. The amount received here can be 1-2 wei lower than the actual permitData.amount
SafeERC20.safeTransferFrom(IERC20(address(_ST_ETH)), msg.sender, address(this), permitData.amount);
// The PufferDepositor is not supposed to hold any stETH, so we sharesOf(PufferDepositor) to the PufferVault immediately
return PUFFER_VAULT.depositStETH(_ST_ETH.sharesOf(address(this)), recipient);
}
As evident from the code snippet, the depositStETH function on the PUFFER_DEPOSITOR contract expects two parameters, but the current implementation of the PufETHAdapter::_stake function only passes a single parameter.
As a result, any attempt to call the PufETHAdapter::_stake function will consistently revert due to the incompatibility between the input parameters passed by the function and the expected parameters of the depositStETH function.
Impact
The PufETHAdapter::_stake function, which is responsible for staking Ether on behalf of users, is fundamentally flawed and will always revert when invoked.
KupiaSec
medium
Potential Incompatibility Issue with
PufETHAdapter::_stake
FunctionSummary
The PufETHAdapter::_stake function is used to stake ether and this function calls puffer depositor's
depositStETH
function. However the implementation is not compatible with the deployed puffer depositor'sdepositStETH
and it will always revert.The PufETHAdapter::_stake function is responsible for staking
Ether
. This function calls thedepositStETH
function on thePuffer Depositor
contract to handle the staking process.However, the implementation of the
PufETHAdapter::_stake
function is incompatible with the deployed version of thePuffer Depositor
's depositStETH function. Whenever the PufETHAdapter attempts to call depositStETH, the transaction will revert, causing the entire_stake
operation to fail.Vulnerability Detail
The PufETHAdapter::_stake calls the
depositStETH
function on thePUFFER_DEPOSITOR
contract at L82.The implementation of the
PUFFER_DEPOSITOR.depositStETH
function is as follows:You can check the code here.
As evident from the code snippet, the
depositStETH
function on thePUFFER_DEPOSITOR
contract expects two parameters, but the current implementation of thePufETHAdapter::_stake
function only passes a single parameter.As a result, any attempt to call the PufETHAdapter::_stake function will consistently revert due to the incompatibility between the input parameters passed by the function and the expected parameters of the depositStETH function.
Impact
The PufETHAdapter::_stake function, which is responsible for staking
Ether
on behalf of users, is fundamentally flawed and will always revert when invoked.Code Snippet
https://github.com/sherlock-audit/2024-05-napier-update/blob/c31af59c6399182fd04b40530d79d98632d2bfa7/napier-uups-adapters/src/adapters/puffer/PufETHAdapter.sol#L66-L87
Tool used
Manual Review
Recommendation
It is recommended to fix the
_stake
function as follows:Duplicate of #21