-
Notifications
You must be signed in to change notification settings - Fork 8
enfrasico - Deposits cannot be made when there is no limit for totalSupply and per wallet limit #665
Comments
1 comment(s) were left on this issue during the judging contest. Trumpero commented:
|
Escalate This is a valid medium. This is a bug in core functionality. It is true that totalSupplyLimit and perWalletLimit are set by the admin, but it is part of the Tokemak's specification that these values are set to |
You've created a valid escalation! To remove the escalation from consideration: Delete your comment. You may delete or edit your escalation comment anytime before the 48-hour escalation window closes. After that, the escalation becomes final. |
This issue should be valid and fixed. An overflow could occur if the admin decided to set it to "no limit". |
You've created a valid escalation! To remove the escalation from consideration: Delete your comment. You may delete or edit your escalation comment anytime before the 48-hour escalation window closes. After that, the escalation becomes final. |
I understand that this is a valid issue and needs to be fixed, but I believe it should be a low issue. It doesn't cause any loss of funds since users are unable to deposit any funds in this case. It can't break the protocol, as the admin is able to set a new configuration and resolve it (they can config a very large value for perWalletLimit, such as type(uint128).max, instead of type(uint256).max). Therefore, I believe the impact of this issue is low and doesn't meet the requirements of a medium issue. |
I believe this issue falls into the following category
Planning to reject escalation and keep invalid |
Result: |
Escalations have been resolved successfully! Escalation status:
|
Hi @Evert0x, I believe there is a mistake here, and would like to request for a re-review. According to Trumpero's comment, and I quote, "admin is able to set a new configuration and resolve it (they can config a very large value for perWalletLimit, such as type(uint128).max", but this directly contradicts the specification of ERC-4626. If we look at ERC4626's specification for Specifically, if there is no limit for the maximum amount of assets to be deposited, the vault MUST return |
enfrasico
medium
Deposits cannot be made when there is no limit for totalSupply and per wallet limit
Summary
Deposits cannot be made due to overflow when tsLimit == uint256.max && walletLimit == uint256.max as
_maxMint
returns uint256.max under these conditions.Vulnerability Detail
The code flow will look like this when a user tries to deposit.
deposit()
is calledmaxDeposit()
to check if the assets currently deposited is more than what the user can deposit at maximummaxDeposit()
callsconvertToAssets()
which calls_maxMint()
_maxMint()
returns uint256.max when tsLimit == uint256.max && walletLimit == uint256.maxconvertToAssets()
since uint256.max cannot be multiplied with any number > 0Impact
Deposits cannot be made by users when we want to set no limits for total supply and per wallet supply.
Code Snippet
https://github.com/sherlock-audit/2023-06-tokemak/blob/main/v2-core-audit-2023-07-14/src/vault/LMPVault.sol#L936-L938
Tool used
Manual Review
Recommendation
Consider this special case for when we want do not want to restrict total supply and per wallet supply.
Duplicate of #577
The text was updated successfully, but these errors were encountered: