0xvj - deposits with native ETH are not correctly handled in LMPVaultRouterBase

[sherlock-admin]

0xvj

medium

deposits with native ETH are not correctly handled in LMPVaultRouterBase

Summary

In LMPVaultRouterBase contract's mint and deposit functions contract is trying to pull WETH from user even though the user sends the required amount in native ETH.

Lines of Code

https://github.com/Tokemak/v2-core-audit-2023-07-14/blob/62445b8ee3365611534c96aef189642b721693bf/src/vault/LMPVaultRouterBase.sol#L111-L122

https://github.com/Tokemak/v2-core-audit-2023-07-14/blob/62445b8ee3365611534c96aef189642b721693bf/src/vault/LMPVaultRouterBase.sol#L54

Vulnerability Detail

1. The mint and deposit functions within the LMPVaultRouterBase contract are intended to manage deposits in both native ETH and WETH.
2. If a user provides a deposit in the form of native ETH to these functions, the _processEthIn() function converts this native ETH into WETH.
3. However, the router is attempting to pull WETH from the user once again, instead of utilizing the WETH that already exists within the router, which came from the conversion of the user's native ETH.

Impact

1. users can't use the native ETH for deposits.
2. Or double amount of funds will be taken from user if he also has WETH allowance to router.

Code Snippet

Proof Of Concept

function test_mint_with_native_eth() public {

  address user = address(100);
  vm.deal(user,10 ether);

  // Making sure base asset of vault is WETH
  assertEq(lmpVault.asset(),WETH_MAINNET);

  vm.startPrank(user);
  vm.expectRevert("SafeERC20: low-level call failed");
  // User trying to deposit to the vault using native ether
  lmpVaultRouter.deposit{value: 5 ether}(lmpVault,user,5 ether,0);
}

Tool used

Coverage Gutters and Manual Review

Recommendation

Don't pull WETH from the user when user is trying to deposit using native ETH

Duplicate of #1