deposit
fails to validate the maximum deposit amount.
#300
Labels
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-501
grade-b
Q-30
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
🤖_61_group
AI based duplicate group recommendation
satisfactory
satisfies C4 submission criteria; eligible for awards
Lines of code
https://github.com/code-423n4/2024-04-panoptic/blob/58dda1b3b74e48f4d924731ec5da14096043fde0/contracts/CollateralTracker.sol#L420
Vulnerability details
Impact
due to the improper check, system is possible to mint more token than it should, and the
maxMint
limit may not workProof of Concept
we have
maxMint
check function defined :but in actual mint function, we do not use this function:
we just use
type(uint104).max
instead ofmaxMint
,which makes themaxmint
check not work properlyTools Used
manual
Recommended Mitigation Steps
change to
maxMint
checkAssessed type
Invalid Validation
The text was updated successfully, but these errors were encountered: