This repository has been archived by the owner on Mar 3, 2024. It is now read-only.
n33k - LMPVault: DoS when feeSink
balance hits perWalletLimit
#679
Labels
Has Duplicates
A valid issue with 1+ other issues describing the same vulnerability
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
n33k
medium
LMPVault: DoS when
feeSink
balance hitsperWalletLimit
Summary
The LMPVault token share has a per-wallet limit. LMPVault collects fees as share tokens to the
feeSink
address._collectFees
will revert if it mints shares that make thefeeSink
balance hit theperWalletLimit
.Vulnerability Detail
_collectFees
mints shares tofeeSink
._mint
calls_beforeTokenTransfer
internally to check if the target wallet exceedsperWalletLimit
._collectFees
function will revert ifbalanceOf(feeSink) + fee shares > perWalletLimit
.updateDebtReporting
,rebalance
andflashRebalance
call_collectFees
internally so they will be unfunctional.Impact
updateDebtReporting
,rebalance
andflashRebalance
won't be working iffeeSink
balance hitsperWalletLimit
.Code Snippet
https://github.com/sherlock-audit/2023-06-tokemak/blob/main/v2-core-audit-2023-07-14/src/vault/LMPVault.sol#L823
https://github.com/sherlock-audit/2023-06-tokemak/blob/main/v2-core-audit-2023-07-14/src/vault/LMPVault.sol#L849-L851
https://github.com/sherlock-audit/2023-06-tokemak/blob/main/v2-core-audit-2023-07-14/src/vault/LMPVault.sol#L797
https://github.com/sherlock-audit/2023-06-tokemak/blob/main/v2-core-audit-2023-07-14/src/vault/LMPVault.sol#L703
https://github.com/sherlock-audit/2023-06-tokemak/blob/main/v2-core-audit-2023-07-14/src/vault/LMPVault.sol#L727
Tool used
Manual Review
Recommendation
Allow
feeSink
to exceedsperWalletLimit
.The text was updated successfully, but these errors were encountered: