Summary

There is a typo in the error name TokenDivier__InvalidAmount(). It should be TokenDivider__InvalidAmount().

Vulnerability Details

The vulnerability lies in the misspelling of the error name TokenDivider__InvalidAmount(). In the codebase, the error is defined as TokenDivider__InvalidAmount(), but when it is called in the code, it is mistakenly written as TokenDivider__InvalidAmount(). This seemingly innocent typo may seem trivial, but it can have far-reaching implications.

Impact

The impact of this bug is significant. When the error is called in the code as TokenDivider__InvalidAmount(), the contract will not be able to recognize it as a valid error name. This can lead to unexpected behavior in the contract, such as failing to throw an error when an invalid amount is passed as input. This, in turn, can open up the contract to potential exploits, where malicious actors can manipulate the contract to their advantage.

Tools Used

Manual review

Recommendations

To mitigate this vulnerability, it is crucial to address the misspelling of the error name in the codebase.