Missing `maxwithdraw` check in `withdraw` function of `ERC-4626`
pcaversaccio opened this issue · comments
sudo rm -rf --no-preserve-root / commented
In the EIP-4626 specification it reads:

> **maxWithdraw**
>
> Maximum amount of the underlying asset that can be withdrawn from the owner balance in the Vault, through a withdraw call.
However, the current implementation misses this check:
```solidity
function withdraw(
    uint256 assets,
    address receiver,
    address owner
) public virtual returns (uint256 shares) {
    shares = previewWithdraw(assets); // No need to check for rounding error, previewWithdraw rounds up.

    if (msg.sender != owner) {
        uint256 allowed = allowance[owner][msg.sender]; // Saves gas for limited approvals.

        if (allowed != type(uint256).max) allowance[owner][msg.sender] = allowed - shares;
    }

    beforeWithdraw(assets, shares);

    _burn(owner, shares);

    emit Withdraw(msg.sender, receiver, owner, assets, shares);

    asset.safeTransfer(receiver, assets);
}
```
It should be considered to add something like this (I don't assume the `beforeWithdraw` hook should be used for that):

```solidity
require(assets <= maxWithdraw(owner), "ERC4626: withdraw more than max");
```
Furthermore, similar checks are missing in `deposit`, `mint`, and `redeem`.
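As an added illustration (not solmate's code and not part of the issue), the following minimal vault shows where each of the four EIP-4626 limit checks belongs. The `IERC20` interface, the `GuardedVault` name, the `depositCap` limit and the 1:1 share/asset accounting are all assumptions made to keep the file compilable on its own; the point is the placement of the `require` statements, not the accounting.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration for this issue; this is not solmate's code. Accounting is a
// deliberately simplified 1:1 share/asset mapping and `IERC20` is a hypothetical
// minimal interface so that the file compiles stand-alone.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract GuardedVault {
    IERC20 public immutable asset;
    uint256 public immutable depositCap; // constructed limit that drives maxDeposit/maxMint

    uint256 public totalSupply;
    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;

    event Deposit(address indexed caller, address indexed owner, uint256 assets, uint256 shares);
    event Withdraw(address indexed caller, address indexed receiver, address indexed owner, uint256 assets, uint256 shares);

    constructor(IERC20 _asset, uint256 _depositCap) {
        asset = _asset;
        depositCap = _depositCap;
    }

    // 1:1 conversion keeps the example short; the limit checks do not depend on it.
    function previewDeposit(uint256 assets) public pure returns (uint256) { return assets; }
    function previewMint(uint256 shares) public pure returns (uint256) { return shares; }
    function previewWithdraw(uint256 assets) public pure returns (uint256) { return assets; }
    function previewRedeem(uint256 shares) public pure returns (uint256) { return shares; }

    // EIP-4626 limit views: deposit-side limits come from the remaining cap,
    // withdraw-side limits from the owner's position.
    function maxDeposit(address) public view returns (uint256) { return depositCap - totalSupply; }
    function maxMint(address) public view returns (uint256) { return depositCap - totalSupply; }
    function maxWithdraw(address owner) public view returns (uint256) { return previewRedeem(balanceOf[owner]); }
    function maxRedeem(address owner) public view returns (uint256) { return balanceOf[owner]; }

    function deposit(uint256 assets, address receiver) public returns (uint256 shares) {
        require(assets <= maxDeposit(receiver), "ERC4626: deposit more than max");
        shares = previewDeposit(assets);
        require(asset.transferFrom(msg.sender, address(this), assets), "transfer failed");
        _mint(receiver, shares);
        emit Deposit(msg.sender, receiver, assets, shares);
    }

    function mint(uint256 shares, address receiver) public returns (uint256 assets) {
        require(shares <= maxMint(receiver), "ERC4626: mint more than max");
        assets = previewMint(shares);
        require(asset.transferFrom(msg.sender, address(this), assets), "transfer failed");
        _mint(receiver, shares);
        emit Deposit(msg.sender, receiver, assets, shares);
    }

    function withdraw(uint256 assets, address receiver, address owner) public returns (uint256 shares) {
        // The check the issue asks for, evaluated before any state change.
        require(assets <= maxWithdraw(owner), "ERC4626: withdraw more than max");
        shares = previewWithdraw(assets);
        _spendAllowance(owner, shares);
        _burn(owner, shares);
        emit Withdraw(msg.sender, receiver, owner, assets, shares);
        require(asset.transfer(receiver, assets), "transfer failed");
    }

    function redeem(uint256 shares, address receiver, address owner) public returns (uint256 assets) {
        require(shares <= maxRedeem(owner), "ERC4626: redeem more than max");
        assets = previewRedeem(shares);
        _spendAllowance(owner, shares);
        _burn(owner, shares);
        emit Withdraw(msg.sender, receiver, owner, assets, shares);
        require(asset.transfer(receiver, assets), "transfer failed");
    }

    // Same allowance shortcut as the snippet in the issue: an unlimited approval
    // is never decremented.
    function _spendAllowance(address owner, uint256 shares) internal {
        if (msg.sender == owner) return;
        uint256 allowed = allowance[owner][msg.sender];
        if (allowed != type(uint256).max) allowance[owner][msg.sender] = allowed - shares;
    }

    function _mint(address to, uint256 shares) internal {
        totalSupply += shares;
        balanceOf[to] += shares;
    }

    function _burn(address from, uint256 shares) internal {
        balanceOf[from] -= shares; // reverts on underflow under 0.8 checked arithmetic
        totalSupply -= shares;
    }
}
```

With the 1:1 simplification above, `maxWithdraw(owner)` equals the owner's share balance, so the `require` only duplicates the underflow revert inside `_burn`. The check earns its keep in a real vault, where `maxWithdraw` and `maxRedeem` may be stricter than the share balance (limited strategy liquidity, a paused state, a per-block cap): there the explicit check is what keeps `withdraw` consistent with what `maxWithdraw` reports, which is the property the specification text quoted in the issue describes.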
Advock commented
I have made the changes. Creating a pull request