Beanstalk Part 1
Beanstalk
DeFiHardhatOracleProxyUpdates
100,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Balance of Underlying should be checked in `switchUnderlyingToken`

0xbeastboy

Summary

In LibUnripe:switchUnderlyingToken there is a missing must condition that the balance of underlying of unripe token should be zero before switching underlying token s.u[unripeToken].balanceOfUnderlying == 0.

Vulnerability Details

Although some functions calling it have checked the condition there is 1 function in InitMigrateUnripeBean3CrvToBeanEth that has left it. Also if there are more functionalities which will need this function its highly possible that this check will be missed.

Impact

Without this validation, it could lead to unexpected behavior or inconsistencies in the underlying token switching process, and if there is some balance. That will be lost during the switching.

Tools Used

Manual Review

Recommendations

Apply this condition require(s.u[unripeToken].balanceOfUnderlying == 0, "Unripe: Underlying balance > 0"); in the start of switchUnderlyingToken to resolve the issue.

Updates

Lead Judging Commences

giovannidisiena Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Out of scope
0xbeastboy Submitter
over 1 year ago
giovannidisiena Lead Judge
over 1 year ago
giovannidisiena Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Out of scope
Assigned finding tags:

Informational/Invalid

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.