Kelp adapter won't allow users to deposit in some situations
Summary
Users will be unable to deposit into the Kelp adapter in some situations due to the _stake() function reverting.
Vulnerability Detail
The function RsETHAdapter::_stake() reverts if the passed stakeAmount is lower than the current minAmountToDeposit of Kelp:
function _stake(uint256 stakeAmount) internal override returns (uint256) {
if (stakeAmount == 0) return 0;
// Check LRTDepositPool stake limit
uint256 stakeLimit = RSETH_DEPOSIT_POOL.getAssetCurrentLimit(Constants.ETH);
if (stakeAmount > stakeLimit) {
// Cap stake amount
stakeAmount = stakeLimit;
}
// Check LRTDepositPool minAmountToDeposit
@> if (stakeAmount <= RSETH_DEPOSIT_POOL.minAmountToDeposit()) revert MinAmountToDepositError();
// Check paused of LRTDepositPool
if (RSETH_DEPOSIT_POOL.paused()) revert ProtocolPaused();
// Interact
IWETH9(Constants.WETH).withdraw(stakeAmount);
uint256 _rsETHAmt = RSETH.balanceOf(address(this));
RSETH_DEPOSIT_POOL.depositETH{value: stakeAmount}(0, REFERRAL_ID);
_rsETHAmt = RSETH.balanceOf(address(this)) - _rsETHAmt;
if (_rsETHAmt == 0) revert InvariantViolation();
return stakeAmount;
}
An user that is trying to deposit has not full control of the value of the stakeAmount, because the variable is dependant on the current bufferEthCache, queueEthCache and targetBufferEth as can be seen in the RsETHAdapter::prefundedDeposit() function:
zzykxx
medium
Kelp adapter won't allow users to deposit in some situations
Summary
Users will be unable to deposit into the Kelp adapter in some situations due to the
_stake()
function reverting.Vulnerability Detail
The function RsETHAdapter::_stake() reverts if the passed
stakeAmount
is lower than the currentminAmountToDeposit
of Kelp:An user that is trying to deposit has not full control of the value of the
stakeAmount
, because the variable is dependant on the currentbufferEthCache
,queueEthCache
andtargetBufferEth
as can be seen in the RsETHAdapter::prefundedDeposit() function:This results in the RsETHAdapter::_stake() function potentially reverting if the calculated
stakeAmount
is lower than Kelp currentminAmountToDeposit
.Impact
Users won't not be able to deposit funds in the
RsETHAdapter
if this situation manifests.Code Snippet
Tool used
Manual Review
Recommendation
In RsETHAdapter::_stake() return
0
if the calculatedstakeAmount
is lower thanminAmountToDeposit
:RsETHAdapter.sol#L77
Duplicate of #46