Submitted by innertia.
Relevant GitHub Links
At the deposit stage, a large minSharesAmt is not checked and the status of the contract is changed to Deposit. However, it is checked at the next stage, processDeposit, where the transaction is then certain to fail. Since the status change affects the entire contract, a large number of malicious Deposits can disrupt the normal progress of business.
uint256 minSharesAmt in DepositParams can be determined by the user at Deposit time. By setting this to a large value, the state is successfully changed to Deposit, but the following check cannot be passed in the subsequent phase, and the transaction will fail.
if (
  self.depositCache.sharesToUser <
  self.depositCache.depositParams.minSharesAmt
) revert Errors.InsufficientSharesMinted();
Disrupts normal business operations by issuing malicious Deposits in large quantities.
Set a realistic upper limit on minSharesAmt.
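One way to apply this recommendation, shown as an added sketch that is not code from the audited project: a minimal two-phase vault that rejects an unreachable minSharesAmt before the contract-wide status changes. Every name except minSharesAmt, sharesToUser and InsufficientSharesMinted is hypothetical, and the share-price formula used for the cap is an assumption.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.21;

// Added illustration only; a simplified model, not the audited contracts.
contract TwoPhaseVaultSketch {
    enum Status { Open, Deposit }

    error NotOpen();
    error NotDeposit();
    error MinSharesAmtTooHigh(uint256 requested, uint256 maxMintable);
    error InsufficientSharesMinted();

    Status public status;
    uint256 public totalShares = 1000e18; // constructed starting state
    uint256 public totalValue = 1000e18;  // vault value, same unit as deposits
    mapping(address => uint256) public sharesOf;

    address private pendingUser;
    uint256 private pendingMinShares;

    // Assumed upper bound: shares minted at the current share price, no fees.
    function maxMintable(uint256 value) public view returns (uint256) {
        return (value * totalShares) / totalValue;
    }

    // Phase 1: bound minSharesAmt BEFORE the shared status is changed,
    // so a request that can never succeed is rejected up front.
    function deposit(uint256 value, uint256 minSharesAmt) external {
        if (status != Status.Open) revert NotOpen();
        uint256 cap = maxMintable(value);
        if (minSharesAmt > cap) revert MinSharesAmtTooHigh(minSharesAmt, cap);

        pendingUser = msg.sender;
        pendingMinShares = minSharesAmt;
        status = Status.Deposit;
    }

    // Phase 2: the slippage check quoted above still runs on the real result.
    function processDeposit(uint256 valueReceived) external {
        if (status != Status.Deposit) revert NotDeposit();
        uint256 sharesToUser = maxMintable(valueReceived);
        if (sharesToUser < pendingMinShares) revert InsufficientSharesMinted();

        sharesOf[pendingUser] += sharesToUser;
        totalShares += sharesToUser;
        totalValue += valueReceived;
        status = Status.Open;
    }
}
```

The cap only removes values that can never be met; a minSharesAmt just under it can still fail in phase 2 if the realised value is lower, so the second check stays in place.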