SemiFungibleVault's previewWithdraw/previewRedeem implementation is not ERC-4626 compliant #42
Labels
3 (High Risk)
Assets can be stolen/lost/compromised directly
bug
Something isn't working
duplicate
This issue or pull request already exists
sponsor disputed
Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
Lines of code
https://github.com/code-423n4/2022-09-y2k-finance/blob/main/src/SemiFungibleVault.sol#L205-L214
https://github.com/code-423n4/2022-09-y2k-finance/blob/main/src/SemiFungibleVault.sol#L221-L228
Vulnerability details
Impact
ERC-4626 defines the
previewWithdraw()
andpreviewRedeem()
functions with the intention of being used as a way to "simulate" a withdraw. Thus, thepreviewWithdraw()
andpreviewRedeem()
functions should revert when passed a set of parameters that would causewithdraw()
to revert.In addition,
previewWithdraw()
andpreviewRedeem()
must be inclusive of withdraw/redemption fees, as defined in the ERC-4626 spec. SemiFungibleVault's implementation ofpreviewWithdraw()
andpreviewRedeem()
do not factor in fees, making the contract non-compliant with ERC-4626.Proof of Concept
previewWithdraw()
implementationpreviewRedeem()
implementationpreviewWithdraw()
andpreviewMint()
fail to revert under the following conditions:previewWithdraw()
andpreviewMint()
fail to include fee calculations that are performed bywithdraw()
here.Tools Used
Manual Review
Recommended Mitigation Steps
The
previewWithdraw()
andpreviewMint()
functions should be modified so they revert whenever thewithdraw()
function would revert.In addition, the
previewWithdraw()
andpreviewMint()
functions must be modified so their calculations are inclusive of protocol fees.The text was updated successfully, but these errors were encountered: