The LibUnripe.sol library in the Beanstalk project contains a potential division by zero vulnerability in the underlyingToUnripe function. This error occurs when s.sys.silo.unripeSettings[unripeToken].balanceOfUnderlying (the balance of the underlying token in the Unripe Token) is 0, leading to division by zero and causing transaction reverts.
The underlyingToUnripe function in LibUnripe.sol calculates the amount of Unripe Tokens corresponding to a given amount of Ripe Tokens. However, the function does not check if the value of s.sys.silo.unripeSettings[unripeToken].balanceOfUnderlying is 0 before performing the division:
If s.sys.silo.unripeSettings[unripeToken].balanceOfUnderlying is 0, this division will cause a division by zero error and revert the transaction.
If a user attempts to call the underlyingToUnripe function with an Unripe Token that has a 0 underlying token balance, the transaction will revert, causing the user to waste gas.
Manual Code Review
A require check should be added to ensure that s.sys.silo.unripeSettings[unripeToken].balanceOfUnderlying is not 0 before performing the division:
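An added example of the recommended check, shown beside the unguarded division (this is not code from the submission or from Beanstalk's LibUnripe.sol). The contract name, the setBalanceOfUnderlying helper, the unripeSupply parameter, the revert string and the conversion formula are assumptions made for illustration; only the balanceOfUnderlying field comes from the page.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration, not Beanstalk's LibUnripe.sol. Storage is reduced to
/// the one field the finding discusses; the formula
/// (supply * underlying / balanceOfUnderlying) is an assumption.
contract UnripeConversionExample {
    struct UnripeSettings {
        uint256 balanceOfUnderlying; // underlying tokens backing the Unripe Token
    }

    // Stand-in for s.sys.silo.unripeSettings
    mapping(address => UnripeSettings) internal unripeSettings;

    // Hypothetical helper so the zero and non-zero cases can be exercised.
    function setBalanceOfUnderlying(address unripeToken, uint256 amount) external {
        unripeSettings[unripeToken].balanceOfUnderlying = amount;
    }

    // Unguarded: with checked arithmetic a zero balance reverts with
    // Panic(0x12) (division by zero) and no descriptive reason.
    function underlyingToUnripeUnchecked(
        address unripeToken,
        uint256 unripeSupply,
        uint256 underlying
    ) external view returns (uint256 unripe) {
        unripe = (unripeSupply * underlying)
            / unripeSettings[unripeToken].balanceOfUnderlying;
    }

    // Guarded: the zero balance is rejected before the division. The call
    // still reverts, but with an explicit reason the caller can act on.
    function underlyingToUnripeChecked(
        address unripeToken,
        uint256 unripeSupply,
        uint256 underlying
    ) external view returns (uint256 unripe) {
        uint256 balance = unripeSettings[unripeToken].balanceOfUnderlying;
        require(balance != 0, "Unripe: no underlying balance");
        unripe = (unripeSupply * underlying) / balance;
    }
}
```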
Invalid as per docs https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity