Silvermist - Zero-amount deposits will cause an underflow on withdrawal #163
Labels
Sponsor Disputed
The sponsor disputed this issue's validity
Comments
sherlock-admin3
added
the
Sponsor Disputed
sherlock-admin4
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Silvermist
High
Zero-amount deposits will cause an underflow on withdrawal
Summary
Users can make zero-amount deposits, leading to an arithmetic underflow in the withdrawal logic. When a withdrawal is attempted, the function calculates
amount_to_transferbysubtracting withdraw_params.feefromwithdraw_params.token_amount. Withtoken_amountset to zero, this results in a negative outcome, which causes an underflow.Root Cause
There is no validation to ensure that the deposit amount is greater than zero, nor is there a check to prevent withdrawal if the amount is insufficient to cover fees, which can cause an underflow. When the amount_to_transfer is calculated,
withdraw_params.token_amount(which may be zero) haswithdraw_params.feesubtracted from it. This subtraction leads to an underflow iftoken_amountis zero.Internal pre-conditions
No response
External pre-conditions
No response
Attack Path
No response
Impact
Due to the underflow, an attacker can get more tokens than they deposited.
PoC
No response
Mitigation
No response
The text was updated successfully, but these errors were encountered: