Liquid Staking
Stakelink
DeFiHardhatOracle
50,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

`StakingPool.sol::canDeposit` function will return incorrect value and less than minimum amount of deposit that is possible.

aua_oo7

Summary

https://github.com/Cyfrin/2024-09-stakelink/blob/f5824f9ad67058b24a2c08494e51ddd7efdbb90b/contracts/core/StakingPool.sol#L259-L267

Vulnerability Details

There is limit of maximum and minimum amount that can be deposit into `StakingPool.sol`. `StakingPool.sol::canDeposit` function will check if there is possibility of deposit or not. but the canDeposit function

doesn't check if the there is space for deposit and that space is in the correct limit bound(max and min), this wrong value will be reason that user think it can deposit but actually it can't be able due to less amount than minimum deposit limitation.

Impact

returning wrong value.

Tools Used

Manual Review, Visual Studio Code

Recommendations

check the return value against minimum deposit amount that allowed in StakingPool. and return correct space limit.

```solidity

function canDeposit() external view returns (uint256) {

uint256 max = getMaxDeposits();

if (max <= totalStaked) {

return 0;

} else {

-- return max - totalStaked;

++uint256 amount = max - totalStaked;

++ if(amount < getMinDeposit()) return 0;

++ return amount;

}

}

```

Updates

Lead Judging Commences

inallhonesty Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Lack of quality

Appeal created

aua_oo7 Submitter
10 months ago
inallhonesty Lead Judge
10 months ago
inallhonesty Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Lack of quality

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.