Beanstalk Part 2

Beanstalk

DeFiHardhat

35,000 USDC

View results

Previous Next

Submission Details

Severity: low

Invalid

No validation of the `remainingRecapitalization` calculating the `percentToFill` in function `addUnderlying`

4th05

Summary

LibFertilizer: addUnderlying function calculates the amount of underlying assets that have to be added to Unripe Beans and the Unripe LP. To know how many new deposited Beans will be minted the percentToFill is calculated using as a denominator remainingRecapitalization() but there is no check if remainingRecapitalization() is zero, before using it.

Vulnerability Details

remainingRecapitalization() function which is used in calculating the percentToFill returns zero by construction in case in which: s.recapitalized >= totalDollars see the code:

function remainingRecapitalization()

internal

view

returns (uint256 remaining)

{

AppStorage storage s = LibAppStorage.diamondStorage();

uint256 totalDollars = C

.dollarPerUnripeLP()

.mul(C.unripeLP().totalSupply())

.div(DECIMALS);

totalDollars = totalDollars / 1e6 * 1e6; // round down to nearest USDC

if (s.recapitalized >= totalDollars) return 0;

return totalDollars.sub(s.recapitalized);

}

function addUnderlying(uint256 tokenAmountIn, uint256 usdAmount, uint256 minAmountOut) internal {

AppStorage storage s = LibAppStorage.diamondStorage();

// Calculate how many new Deposited Beans will be minted

uint256 percentToFill = usdAmount.mul(C.precision()).div(

remainingRecapitalization()

);

uint256 newDepositedBeans;

if (C.unripeBean().totalSupply() > s.u[C.UNRIPE_BEAN].balanceOfUnderlying) {

newDepositedBeans = (C.unripeBean().totalSupply()).sub(

s.u[C.UNRIPE_BEAN].balanceOfUnderlying

);

newDepositedBeans = newDepositedBeans.mul(percentToFill).div(

C.precision()

);

}

Impact

If the remainingRecapitalization() returns 0 the calculation of the percentToFill would result in a division by zero error, because the denominator. When remainingRecapitalization() is zero, Solidity can’t divide by zero and then the contract will revert with an error.

It impacts ‘addUnderlyingwhich is used in theaddFertilizerfunction which in turn is used inmintFertilizer`

Tools Used

Manual review

Recommendations

Add an appropriate check of remainingRecapitalization() before calculating the division in percentToFill to ensure that is not zero.

Updates

Lead Judging Commences

giovannidisiena Lead Judge about 1 year ago

Submission Judgement Published

Invalidated

Reason: Incorrect statement

Assigned finding tags:

Informational/Invalid

Prize pool breakdown

Total prize

35,000 USDC

nSLOC

1,991

18 USDC / LOC

High Medium

30,000 USDC

Low

1,500 USDC

Judges

3,500 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.