Blocking withdrawal Issue in Fee Redemption Logic when fees are really high
Summary
The current implementation of the fee redemption logic in the VaultRouterBranch.sol contract may lead to a blocking issue when redeeming shares. Specifically, if the fee shares (ctx.sharesFees) are significant and the vault has only enough assets for the user to withdraw, the redemption process may be blocked. This issue can be mitigated by splitting the logic for the fee recipient to redeem their own shares and allowing the user to withdraw shares minus fees if the vault has sufficient assets.
Vulnerability Details
The issue is located in the following code snippet:
Impact
The impact of this issue is that users may be unable to withdraw their assets if the fee shares are significant and the vault does not have enough assets to cover both the fee shares and the user's shares. This can lead to a denial of service for users attempting to withdraw their assets.
Tools Used
Manual code review
Recommendations
To mitigate this issue, it is recommended to split the logic for the fee recipient to redeem their own shares and allow the user to withdraw shares minus fees if the vault has sufficient assets. This can be achieved by implementing the following changes:
Allow the user to withdraw shares minus fees if the vault has sufficient assets.
Split the logic for the fee recipient to redeem their own shares separately.
This approach ensures that the user's withdrawal is not blocked by the fee redemption process and allows the fee recipient to redeem their shares independently.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.