Part 2

Zaros
Perpetuals, DEX, Foundry, Solidity
70,000 USDC
Submission Details
Severity: medium
Valid

Decimal mismatch in `deposit()` minShares validation

Summary

The `deposit()` function validates `minShares` against the actual minted shares incorrectly, because the two values may use different decimal precisions.

Vulnerability Details

The `deposit()` function accepts the `minShares` parameter in 18 decimals but compares it directly with `ctx.shares`, which may have different decimals depending on the vault's index token:

File: VaultRouterBranch.sol

```solidity
/// @param minShares The minimum amount of index tokens to receive in 18 decimals.
// ...
// then perform the actual deposit
// NOTE: the following call will update the total assets deposited in the vault
// NOTE: the following call will validate the vault's deposit cap
// invariant: no tokens should remain stuck in this contract
ctx.shares = IERC4626(indexTokenCache).deposit(ctx.assetsMinusFees, msg.sender);

// assert min shares minted
if (ctx.shares < minShares) revert Errors.SlippageCheckFailed(minShares, ctx.shares);
```

As a result, the validation wouldn't work as intended if the vault's index token has a different decimal precision than 18.

Impact

Users may experience failed transactions or receive fewer shares than expected due to incorrect decimal comparison between minShares and actual shares.

Recommendations

Convert both minShares and ctx.shares to the same decimal format before performing the comparison.
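
One way to implement this recommendation, shown as an added example that is not Zaros code: `SlippageDemo` and its function names are hypothetical, and the 6-decimal share token in `demo()` is a constructed case. It goes slightly beyond the text by also handling share tokens with more than 18 decimals.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example; SlippageDemo and its functions are hypothetical names, not Zaros code.
contract SlippageDemo {
    error SlippageCheckFailed(uint256 minSharesX18, uint256 sharesX18);

    uint8 internal constant X18_DECIMALS = 18;

    /// Rescale `amount` from `decimals` precision to 18 decimals.
    /// Scaling down truncates, which under-reports minted shares and so
    /// can only make the slippage check stricter, never looser.
    function toX18(uint256 amount, uint8 decimals) public pure returns (uint256) {
        if (decimals == X18_DECIMALS) return amount;
        if (decimals < X18_DECIMALS) return amount * 10 ** (X18_DECIMALS - decimals);
        return amount / 10 ** (decimals - X18_DECIMALS);
    }

    /// Before: the comparison pattern quoted in the finding, raw units on both sides.
    function passesRaw(uint256 shares, uint256 minSharesX18) public pure returns (bool) {
        return shares >= minSharesX18;
    }

    /// After: both sides expressed in 18 decimals before comparing.
    function passesNormalized(uint256 shares, uint8 shareDecimals, uint256 minSharesX18)
        public
        pure
        returns (bool)
    {
        return toX18(shares, shareDecimals) >= minSharesX18;
    }

    /// Reverting form, intended to run right after the ERC-4626 deposit call.
    function assertMinShares(uint256 shares, uint8 shareDecimals, uint256 minSharesX18) public pure {
        uint256 sharesX18 = toX18(shares, shareDecimals);
        if (sharesX18 < minSharesX18) revert SlippageCheckFailed(minSharesX18, sharesX18);
    }

    /// Constructed case: 100 shares minted by a 6-decimal share token,
    /// with a caller-supplied floor of 99 shares expressed in 18 decimals.
    function demo() external pure returns (bool raw, bool normalized) {
        raw = passesRaw(100e6, 99e18);
        normalized = passesNormalized(100e6, 6, 99e18);
    }
}
```

In a real integration the `shareDecimals` argument would come from the share token's `decimals()` getter rather than from the caller.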

Updates

Lead Judging Commences

inallhonesty Lead Judge 6 months ago
Submission Judgement Published
Validated
Assigned finding tags:

The `deposit()` function in the `VaultRouterBranch` contract may incorrectly validate the minimum shares (`minShares`) due to a mismatch in `decimal` representations.
