Summary

The stepSun function in the Solidity smart contract does not explicitly handle the scenario where the deltaB parameter is zero. This can cause undefined behavior or missed state updates when the market condition is exactly at the peg, potentially affecting the protocol.

Vulnerability Details

The stepSun function adjusts contract states based on the value of deltaB, which represents the difference from a pegged value. The function currently handles positive and negative values of deltaB but does not address the case when deltaB is exactly zero.

https://github.com/Cyfrin/2024-05-Beanstalk-3/blob/662d26f12ee219ee92dc485c06e01a4cb5ee8dfb/protocol/contracts/beanstalk/sun/SeasonFacet/Sun.sol#L68-L81

• Positive deltaB: The function calculates new harvestable beans, adjusts the soil for conditions above the peg, and sets the abovePeg flag to true.

• Negative deltaB: Adjusts the soil for conditions below the peg and sets the abovePeg flag to false.

• Zero deltaB: There is no code branch or logic to handle this scenario.

Impact

The absence of explicit handling for deltaB == 0 could result in the contract not responding to market conditions where the value is exactly at the peg. This might lead to stale or incorrect soil levels and other state variables, potentially disrupting the economic model and user interactions based on these states.

Tools Used

Manual review

Recommendations

Add a specific branch in the stepSun function to handle the case when deltaB is zero.