[L-1]

Summary

Function does not return Logic as stated in NatSpec rather just returns the input amount as it is.

Vulnerability Details

The pure function beanToBDV(uint256 amount in the BDVFacet.sol contract does not return Logic for calculating the BDV of a given amount of bean as stated in the NatSpec of this particular function.

• /**

  • @dev Returns the BDV of a given amount of Beans.
    */
    function beanToBDV(uint256 amount) public pure returns (uint256) {
    return amount;
    }
    https://github.com/Cyfrin/2024-02-Beanstalk-1/blob/a3658861af8f5126224718af494d02352fbb3ea5/protocol/contracts/beanstalk/silo/BDVFacet.sol#L27C5-L32C6

As can be seen above the function simply returns the input amount and does not calculate the actual BDV of the amount of bean given, it just returns the amount of beans inputed as the BDV, which will be an incorrect value.

Impact

The function will definitely not return an accurate value for the BDV of a given amount of bean. When this function is called it would affect the integrity of the protocol by not delivering on its stated objective as described in the NatSpec of the function.

Tools Used

Manual Analysis

Recommendations

The function needs to add the logic for calculation of BDV of a given amount of bean. It should be changed to reflect the true BDV value of the stated bean. The needed Logic for actual calculation of BDV of a given amount of bean should look as follows (barring other checks that might be done on the input amount of bean).

/**

• @dev Returns the BDV of a given amount of Beans.
  */
  function beanToBDV(uint256 amount) public view returns (uint256) {
  return LibWellBdv.bdv(C.BEAN, amount);
  }