Beanstalk: Dive Into Basin
Beanstalk
DeFiHardhat
12,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Missing validation of `lpTokenSupply` in `calcLPTokenUnderlying()`

tigerfrake

Summary

In calcLPTokenUnderlying(), lpTokenSupply is used in the calculation of underlyingAmounts[0] and underlyingAmounts[1]. However, there is no check if the lpTokenSupply is zero which is used as division in the calculation.

Vulnerability Details

calcLPTokenUnderlying()

function calcLPTokenUnderlying(
uint256 lpTokenAmount,
uint256[] calldata reserves,
uint256 lpTokenSupply,
bytes calldata
) external pure returns (uint256[] memory underlyingAmounts) {
underlyingAmounts = new uint256[](2);
underlyingAmounts[0] = lpTokenAmount * reserves[0] / lpTokenSupply;
underlyingAmounts[1] = lpTokenAmount * reserves[1] / lpTokenSupply;
}

Impact

If the lpTokenSupply is zero, the calculation would result in a division by zero error. This is because of the denominator in the calculation. When the lpTokenSupply is zero, dividing by zero is not defined in Solidity, and the contract would revert with an error.

Tools Used

Manual Review

Recommendations

Appropriate checks should be added to ensure that the lpTokenSupply is non-zero before performing the division operation.

function calcLPTokenUnderlying(
uint256 lpTokenAmount,
uint256[] calldata reserves,
uint256 lpTokenSupply,
bytes calldata
) external pure returns (uint256[] memory underlyingAmounts) {
require(lpTokenSupply > 0, "Supply must be non-zero"); // @audit Corrected
underlyingAmounts = new uint256[](2);
underlyingAmounts[0] = lpTokenAmount * reserves[0] / lpTokenSupply;
underlyingAmounts[1] = lpTokenAmount * reserves[1] / lpTokenSupply;
}
Updates

Lead Judging Commences

giovannidisiena Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Informational/Invalid

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.