Upgraded Q -> 3 from #264 [1691857350267] #480
Labels
3 (High Risk)
Assets can be stolen/lost/compromised directly
duplicate-439
satisfactory
satisfies C4 submission criteria; eligible for awards
Judge has assessed an item in Issue #264 as 3 risk. The relevant finding follows:
Let's see how it can be exploited. You can add this test to Withdraw.t.sol and run with forge test -vv --match-contract VaultWithdrawTest --match-test testWithdrawAllAssetsForHalfShares:
    function testWithdrawAllAssetsForHalfShares() external {
        vm.startPrank(alice);
    }
Users can have balances greater than type(uint96).max because the balance field of the AccountDetails struct is a uint112.
But burning from their balances will only be for amounts less than type(uint96).max, because bits are cut off during the type conversion in _burn.
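The truncation described in the finding, next to a checked variant, as an added example that is not part of the original issue or the project's code. The contract name, function names and custom error are hypothetical; only the uint112 balance field, the AccountDetails struct name and the uint96 conversion come from the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

/// Added illustration only: a hypothetical contract, not the audited code.
contract BurnCastExample {
    // Field width as stated in the finding: balances are stored as uint112.
    struct AccountDetails {
        uint112 balance;
    }

    mapping(address => AccountDetails) internal accounts;

    error AmountExceedsUint96(uint256 amount);

    // Hypothetical helper so the example has a balance to work with.
    function setBalance(address user, uint112 amount) external {
        accounts[user].balance = amount;
    }

    function balanceOf(address user) external view returns (uint112) {
        return accounts[user].balance;
    }

    // Unsafe pattern: an explicit downcast in Solidity 0.8.x does not revert.
    // It keeps only the low 96 bits, so a request for 2**96 + 5 burns just 5
    // while the caller believes the full amount was burned.
    function burnTruncating(address user, uint256 amount) external returns (uint96 burned) {
        burned = uint96(amount);
        accounts[user].balance -= burned; // checked subtraction, but on the wrong value
    }

    // Checked pattern: reject any amount the narrower type cannot represent,
    // so the burned value always equals the requested value.
    function burnChecked(address user, uint256 amount) external returns (uint96 burned) {
        if (amount > type(uint96).max) revert AmountExceedsUint96(amount);
        burned = uint96(amount);
        accounts[user].balance -= burned;
    }
}
```

Widening the burn path to the storage width (uint112 here) removes the mismatch entirely; the range check is the minimal change when the narrower type has to stay.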