Rebasing tokens can break functionality of getStakingTokensForVaultShare function in BaseStakingVault.sol
Summary
Using rebase tokens in getStakingTokensForVaultShare can break functionality.
Vulnerability Detail
The getStakingTokensForVaultShare function has comments mentioning -
// NOTE: this calculation works as long as staking tokens do not rebase and we do not
// do any reinvestment into the staking token.
This means that the functionality of getStakingTokensForVaultShare can break if any rebasing token is used.
Firstly there are no checks which ensures that no rebasing tokens are used.
Secondly, stETH which is being approved in the triggerExtraStep function of Kelp.sol is a rebasing token. See here
The protocol as per the documentation mentions use of the following tokens:
EtherFi: weETH, eETH
Ethena: USDe, sUSDe
Pendle: PT tokens
Kelp: rsETH
Use of stETH from Lido is not mentioned.
Impact
If a function is not meant to handle rebasing tokens and rebasing tokens are being passed in it, then it breaks the functionality of that function. Which can lead to unexpected behavior of the protocol. Check potential hazards of using stETH here
Code Snippet
Tool used
Manual Review
Recommendation
Implement checks for ensuring that tokens which can enter the getStakingTokensForVaultShare function are not rebasing.
unRekt
Medium
Rebasing tokens can break functionality of
getStakingTokensForVaultShare
function inBaseStakingVault.sol
Summary
Using rebase tokens in
getStakingTokensForVaultShare
can break functionality.Vulnerability Detail
The
getStakingTokensForVaultShare
function has comments mentioning -This means that the functionality of
getStakingTokensForVaultShare
can break if any rebasing token is used. Firstly there are no checks which ensures that no rebasing tokens are used. Secondly,stETH
which is being approved in thetriggerExtraStep
function ofKelp.sol
is a rebasing token. See hereLink to
getStakingTokensForVaultShare
: https://github.com/sherlock-audit/2024-06-leveraged-vaults/blob/14d3eaf0445c251c52c86ce88a84a3f5b9dfad94/leveraged-vaults-private/contracts/vaults/staking/BaseStakingVault.sol#L93-L98Link to
triggerExtraStep
: https://github.com/sherlock-audit/2024-06-leveraged-vaults/blob/14d3eaf0445c251c52c86ce88a84a3f5b9dfad94/leveraged-vaults-private/contracts/vaults/staking/protocols/Kelp.sol#L69-L86The protocol as per the documentation mentions use of the following tokens: EtherFi: weETH, eETH Ethena: USDe, sUSDe Pendle: PT tokens Kelp: rsETH Use of stETH from Lido is not mentioned.
Impact
If a function is not meant to handle rebasing tokens and rebasing tokens are being passed in it, then it breaks the functionality of that function. Which can lead to unexpected behavior of the protocol. Check potential hazards of using stETH here
Code Snippet
Tool used
Manual Review
Recommendation
Implement checks for ensuring that tokens which can enter the
getStakingTokensForVaultShare
function are not rebasing.