QuantAMM

49,600 OP
Submission Details
Severity: low
Invalid

Incorrect Deposit Limit Check Allows One Extra Deposit Beyond Intended Maximum

Summary

The addLiquidityProportional function in UpliftOnlyExample.sol has an issue with its deposit limit check that allows users to make 101 deposits instead of the intended maximum of 100 deposits, violating the contract's documented requirements.

Vulnerability Details

Looking at the if statement in the addLiquidityProportional function:

    if (poolsFeeData[pool][msg.sender].length > 100) {
        revert TooManyDeposits(pool, msg.sender);
    }

With entries indexed from 0, the current implementation only reverts when the length is greater than 100, which results in 101 deposits. This contradicts the documented requirement in the error definition:

    /**
     * @notice To avoid Ddos issues, a single depositor can only deposit 100 times
     * @param pool The pool the depositor is attempting to deposit to
     * @param depositor The address of the depositor
     */
    error TooManyDeposits(address pool, address depositor);

Impact

Users can make 101 deposits instead of the intended 100.

Tools Used

  • Manual code review

Recommendations

Change the condition to use greater than or equal to:

    if (poolsFeeData[pool][msg.sender].length >= 100) {
        revert TooManyDeposits(pool, msg.sender);
    }

Alternatively, keep the strict greater-than comparison and change the limit from 100 to 99:

    if (poolsFeeData[pool][msg.sender].length > 99) {
        revert TooManyDeposits(pool, msg.sender);
    }

Either fix allows exactly 100 deposits (indices 0 to 99) and reverts on an attempt to make the 101st deposit.
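The boundary described above can be pinned with a small model. This is an added example, not code from the submission or from QuantAMM; DepositLimitModel, DepositLimitBoundaryCheck and the pool addresses are hypothetical, and it assumes the length check runs before the new entry is pushed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

// Added illustration, not QuantAMM code. Assumption: the length check runs
// before the new entry is pushed, so it sees only the existing deposits.
contract DepositLimitModel {
    error TooManyDeposits(address pool, address depositor);

    // Hypothetical stand-in for poolsFeeData: one array entry per deposit.
    mapping(address => mapping(address => uint256[])) private poolsFeeData;

    // Check as quoted in the finding.
    function depositStrict(address pool) external {
        if (poolsFeeData[pool][msg.sender].length > 100) {
            revert TooManyDeposits(pool, msg.sender);
        }
        poolsFeeData[pool][msg.sender].push(block.timestamp);
    }

    // Check as recommended in the finding.
    function depositInclusive(address pool) external {
        if (poolsFeeData[pool][msg.sender].length >= 100) {
            revert TooManyDeposits(pool, msg.sender);
        }
        poolsFeeData[pool][msg.sender].push(block.timestamp);
    }

    function depositCount(address pool, address depositor) external view returns (uint256) {
        return poolsFeeData[pool][depositor].length;
    }
}

// Calls each variant until its first revert and reports how many deposits were stored.
contract DepositLimitBoundaryCheck {
    DepositLimitModel private model = new DepositLimitModel();

    function acceptedCounts() external returns (uint256 strict, uint256 inclusive) {
        address poolA = address(0xA); // constructed pool addresses, one per variant
        address poolB = address(0xB);
        for (uint256 i = 0; i < 105; i++) {
            try model.depositStrict(poolA) {} catch { break; }
        }
        for (uint256 i = 0; i < 105; i++) {
            try model.depositInclusive(poolB) {} catch { break; }
        }
        strict = model.depositCount(poolA, address(this));
        inclusive = model.depositCount(poolB, address(this));
    }
}
```

Under the stated assumption, acceptedCounts() returns 101 for the strict variant and 100 for the inclusive one, so a regression test asserting the inclusive count keeps the limit aligned with the TooManyDeposits documentation.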

Updates

Lead Judging Commences

n0kto Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

invalid_Uplift_101_deposit_strict_equal

Only 1 more NFT won’t have any impact. Informational.
