Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dhank - Variable users can deposit amount less than minimumDepositAmount deviating from the protocols design. #152

Open
sherlock-admin4 opened this issue Sep 21, 2024 · 0 comments
Open

dhank - Variable users can deposit amount less than minimumDepositAmount deviating from the protocols design. #152

sherlock-admin4 opened this issue Sep 21, 2024 · 0 comments

Comments

@sherlock-admin4
Copy link

sherlock-admin4 commented Sep 21, 2024
edited
Loading

dhank

Medium

Variable users can deposit amount less than minimumDepositAmount deviating from the protocols design.

Summary

Protocol doesnt check whether the amount deposited by Variable users is >= minimumDepositAmount but at the same time it checks the whether the remainingCapacity is greater than or equal to minimumDepositAmount.

Vulnerability Detail

Variable users and fixed users are only allowed to deposit amount >= minimumDepositAmount .Check is implemented for fixed Users but not for variable.

  /// @notice Minimum amount of ETH that can be deposited for variable or fixed side users
  uint256 public immutable minimumDepositAmount = 0.01 ether;

Impact

Variable users can deposit amount less than minimumDepositAmount deviating from the protocols design.

Code Snippet

https://github.com/sherlock-audit/2024-08-saffron-finance/blob/38dd9c8436db341c331f1b14545770c1766fc0ee/lido-fiv/contracts/LidoVault.sol#L61-L62

https://github.com/sherlock-audit/2024-08-saffron-finance/blob/38dd9c8436db341c331f1b14545770c1766fc0ee/lido-fiv/contracts/LidoVault.sol#L366-L377

Tool used

Manual Review

Recommendation

Check for minimumDepositAmount condition.
@sherlock-admin4 sherlock-admin4 changed the title Noisy Eggshell Peacock - Variable users can deposit amount less than minimumDepositAmount deviating from the protocols design. dhank - Variable users can deposit amount less than minimumDepositAmount deviating from the protocols design. Sep 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sherlock-admin4