Submission Details
Severity:
Require used twice with same condition in `ConvertFacet:convert`
Summary
In the ConvertFacet:convert require statement is used twice with the same check. I think one condition is for toAmount in here.
Vulnerability Details
Check the require statement in the code below
function convert(bytes calldata convertData, int96[] memory stems, uint256[] memory amounts)
external
payable
nonReentrant
returns (int96 toStem, uint256 fromAmount, uint256 toAmount, uint256 fromBdv, uint256 toBdv)
{
address toToken;
address fromToken;
uint256 grownStalk;
(toToken, fromToken, toAmount, fromAmount) = LibConvert.convert(convertData);
require(fromAmount > 0, "Convert: From amount is 0.");
require(fromAmount > 0, "Convert: From amount is 0."); //@dev why the same require statment used twice
LibSilo._mow(msg.sender, fromToken);
LibSilo._mow(msg.sender, toToken);
(grownStalk, fromBdv) = _withdrawTokens(fromToken, stems, amounts, fromAmount);
// calculate the bdv of the new deposit
uint256 newBdv = LibTokenSilo.beanDenominatedValue(toToken, toAmount);
toBdv = newBdv > fromBdv ? newBdv : fromBdv;
toStem = _depositTokensForConvert(toToken, toAmount, toBdv, grownStalk);
emit Convert(msg.sender, fromToken, toToken, fromAmount, toAmount);
}
Impact
Its not checking toAmount but checking fromAmount twice which is not good
Tools Used
Manual Review
Recommendations
Either remove one require or replace fromAmount with toAmount.
Updates
Lead Judging Commences
giovannidisiena over 1 year ago
Submission Judgement Published Reason: Other
Assigned finding tags:
Informational/Invalid
Convert validation
Prize pool breakdown
Total prize
100,000 USDC
nSLOC
5,77617 USDC / LOC
95,000 USDC
5,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.