We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
maxwithdraw
withdraw
ERC-4626
In the EIP-4626 specification it reads:
maxwithdraw Maximum amount of the underlying asset that can be withdrawn from the owner balance in the Vault, through a withdraw call.
However, the current implementation misses this check:
function withdraw( uint256 assets, address receiver, address owner ) public virtual returns (uint256 shares) { shares = previewWithdraw(assets); // No need to check for rounding error, previewWithdraw rounds up. if (msg.sender != owner) { uint256 allowed = allowance[owner][msg.sender]; // Saves gas for limited approvals. if (allowed != type(uint256).max) allowance[owner][msg.sender] = allowed - shares; } beforeWithdraw(assets, shares); _burn(owner, shares); emit Withdraw(msg.sender, receiver, owner, assets, shares); asset.safeTransfer(receiver, assets); }
It should be considered adding something like that (I don't assume beforeWithdraw hook should be used for that):
beforeWithdraw
require(assets <= maxWithdraw(owner), "ERC4626: withdraw more than max");
Furthermore, similar checks are missing in deposit, mint, and redeem.
deposit
mint
redeem
The text was updated successfully, but these errors were encountered:
I have made the changes. Creating a pull request
Sorry, something went wrong.
No branches or pull requests
In the EIP-4626 specification it reads:
However, the current implementation misses this check:
It should be considered adding something like that (I don't assume
beforeWithdraw
hook should be used for that):Furthermore, similar checks are missing in
deposit
,mint
, andredeem
.The text was updated successfully, but these errors were encountered: