Skip to content

depositWithSignature() won't work and always revert due to missing permit function in deposited asset #62

New issue
Jump to bottom
New issue
Jump to bottom
Open
Open
depositWithSignature() won't work and always revert due to missing permit function in deposited asset#62
Labels
OOS - fixedbugSomething isn't working
@hats-bug-reporter

Description

@hats-bug-reporter
hats-bug-reporter
opened on Sep 9, 2024

Github username: @0xRizwan
Twitter username: 0xRizwann
Submission hash (on-chain): 0x65db4f9773c0e4f7ecce60decd9cb1711a85e625ffec2b6bf429a25b1954497d
Severity: medium

Description:

Title

depositWithSignature() won't work and always revert due to missing permit function in deposited asset.

Severity

Medium

Affected contracts

wrstMTRG.sol, wstARB.sol, wstDOJ.sol, wstMANTA.sol, wstMETIS.sol, wstROSE.sol, wstVLX.sol, wstZETA.sol and wstToken.sol

Vulnerability Detail

wstToken.sol is the referred contract from which the above contracts are deployed. wstToken is ERC4626 compatible. For example, in case of wstROSE.sol, it allows to deposit stROSE token and mints wstROSE tokens. This issue is with depositWithSignature() function of wstToken.sol:

    function depositWithSignature(
        uint256 assets,
        address receiver,
        uint256 deadline,
        bool approveMax,
        uint8 v,
        bytes32 r,
        bytes32 s
    ) external nonReentrant returns (uint256 shares) {
        uint256 amount = approveMax ? type(uint256).max : assets;
        asset.permit(msg.sender, address(this), amount, deadline, v, r, s);
        return (deposit(assets, receiver));
    }

depositWithSignature() is used to deposit the assets via permit and later deposits in single transaction. depositWithSignature() will always revert and won't work as expected as the asset being permitted to address(this) i.e wstToken.sol contract does not have permit() function in its implementation. This can be checked in stToken.sol here

Therefore, assets like rstMTRG.sol, stARB.sol, stDOJ.sol, stMANTA.sol, stMETIS.sol, stROSE.sol, stVLX.sol, stZETA.sol tokens does not have permit() function to work correctly in depositWithSignature() function for depositing of stToken in vaults.

Impact

Assets can not be deposited in wstToken contracts due to missing permit() function in deposited assets as described above.

Recommendation to fix

Implement permit() function in stToken.sol and also make relevant changes in rstMTRG.sol, stARB.sol, stDOJ.sol, stMANTA.sol, stMETIS.sol, stROSE.sol, stVLX.sol, stZETA.sol contracts.

Consider below changes in stToken.sol:

  1. Add this openzeppelin's ERC20Permit.sol in stToken.sol.

  2. Inherit the added ERC20Permit.sol.

- contract stToken is ERC20, ERC20Burnable, Pausable, Ownable {
+ contract stToken is ERC20, ERC20Burnable, ERC20Permit, Pausable, Ownable {
    constructor(
        string memory name,
        string memory symbol,
        uint8 decimals
-     ) ERC20(name, symbol, decimals) {}
+    ) ERC20(name, symbol, decimals) ERC20Permit(name) {}

     . . . some code . . .

Metadata

Assignees

No one assigned

    Labels

    OOS - fixedbugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions