Liquid Staking

Stakelink
Submission Details
Severity: low
Invalid

Missing Check on Withdrawal Amount

Summary

The LSTRewardsSplitter::withdraw function does not validate that the _amount being withdrawn is less than or equal to the available principalDeposits. This creates the possibility of an underflow, leading to incorrect accounting.

Vulnerability Detail

In the LSTRewardsSplitter::withdraw function, there is no check to ensure that the _amount specified for withdrawal is less than or equal to principalDeposits. If _amount exceeds the available principalDeposits, the subtraction underflows, causing the principalDeposits variable to wrap around. This could produce incorrect values or cause contract logic to fail wherever principalDeposits is used in other calculations or checks. The absence of this validation can result in unexpected behavior.

Impact

This could lead to incorrect token balances and expose the contract to underflow vulnerabilities, resulting in faulty accounting or even contract failure.

Code Snippet

function withdraw(uint256 _amount, address _receiver) external onlyController {
@>>>>   principalDeposits -= _amount;
        lst.safeTransfer(_receiver, _amount);
        emit Withdraw(_amount);
}

Tool used

Manual Review

Recommendation

Before performing the subtraction of _amount from principalDeposits, add a check to ensure that _amount is less than or equal to principalDeposits. This will prevent underflow and ensure the contract remains in a valid state. The recommended fix is:

function withdraw(uint256 _amount, address _receiver) external onlyController {
+       require(_amount <= principalDeposits, "Withdraw amount exceeds available deposits");
        principalDeposits -= _amount;
        lst.safeTransfer(_receiver, _amount);
        emit Withdraw(_amount);
}

Updates
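To make the three possible outcomes of the subtraction concrete, here is an added, self-contained mock; it is not the Stakelink contract and not part of this submission, and the token interface, controller modifier and custom error are assumptions for the example. In Solidity 0.8 and later the plain subtraction already reverts on underflow with a Panic(0x11); only an explicit unchecked block produces the wrap-around described above, and the recommended guard mainly adds a descriptive error.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal stand-in for the splitter's token dependency (constructed for this example).
interface IERC20Like {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Hypothetical mock (not LSTRewardsSplitter) showing what the subtraction
// does under each arithmetic mode.
contract SplitterUnderflowDemo {
    IERC20Like public immutable lst;
    address public immutable controller;
    uint256 public principalDeposits;

    event Withdraw(uint256 amount);
    error WithdrawExceedsDeposits(uint256 requested, uint256 available);

    modifier onlyController() {
        require(msg.sender == controller, "not controller");
        _;
    }

    constructor(IERC20Like _lst, uint256 _initialDeposits) {
        lst = _lst;
        controller = msg.sender;
        principalDeposits = _initialDeposits;
    }

    // 1. The wrap-around the report describes happens only inside `unchecked`:
    //    with principalDeposits == 0 and _amount == 1, the result is 2**256 - 1.
    function withdrawUnchecked(uint256 _amount, address _receiver) external onlyController {
        unchecked { principalDeposits -= _amount; }
        require(lst.transfer(_receiver, _amount), "transfer failed");
        emit Withdraw(_amount);
    }

    // 2. As written on the page (checked arithmetic): an oversized _amount
    //    reverts with Panic(0x11) before any transfer, so no wrap occurs,
    //    but the revert carries no human-readable reason.
    function withdraw(uint256 _amount, address _receiver) external onlyController {
        principalDeposits -= _amount;
        require(lst.transfer(_receiver, _amount), "transfer failed");
        emit Withdraw(_amount);
    }

    // 3. The recommended guard, with a custom error so callers and monitoring
    //    can tell this condition apart from a generic arithmetic panic.
    function withdrawGuarded(uint256 _amount, address _receiver) external onlyController {
        if (_amount > principalDeposits) revert WithdrawExceedsDeposits(_amount, principalDeposits);
        principalDeposits -= _amount;
        require(lst.transfer(_receiver, _amount), "transfer failed");
        emit Withdraw(_amount);
    }
}
```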

Lead Judging Commences

inallhonesty Lead Judge 12 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
