The smart contract contains a vulnerability where ETH deposits of zero value are not processed correctly.
If a zero value deposit is attempted, the function will return early due to the condition if (_amount == 0) { return; }
This can lead to ETH being left in a state where it cannot be restored or accessed by users.
Condition Triggering Vulnerability: _amount == 0
if depositAmount is zero and ETH sent, the function exits early without processing the transaction.
However, the ETH passed into the function may become stuck if not handled properly.
User Impact: Users attempting to deposit zero ETH may find their funds stuck in the contract, leading to potential loss or inability to recover the ETH.
Contract Integrity: The contract may experience unintended behavior or loss of funds if not designed to handle such edge cases correctly.
Check and Handle Zero Deposits.
Invalid, these are by default, invalid based on codehawks [general guidelines](https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity#findings-that-may-be-invalid). The check implemented is simply a sufficiency check, it is users responsibility to only send an appropriate amount of native tokens where amount == msg.value when native token is intended to be used as collateral (which will subsequently be deposited as wrapped token). All excess ETH can be rescued using the `Rescuable.sol` contract. > Users sending ETH/native tokens > If contracts allow users to send tokens acc111identally.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.