transmissions11 / solmate

Modern, opinionated, and gas optimized building blocks for smart contract development.


Missing `maxWithdraw` check in `withdraw` function of `ERC-4626`

pcaversaccio opened this issue · comments

In the EIP-4626 specification it reads:

> `maxWithdraw`
> Maximum amount of the underlying asset that can be withdrawn from the owner balance in the Vault, through a withdraw call.

However, the current implementation misses this check:

    function withdraw(
        uint256 assets,
        address receiver,
        address owner
    ) public virtual returns (uint256 shares) {
        shares = previewWithdraw(assets); // No need to check for rounding error, previewWithdraw rounds up.

        if (msg.sender != owner) {
            uint256 allowed = allowance[owner][msg.sender]; // Saves gas for limited approvals.

            if (allowed != type(uint256).max) allowance[owner][msg.sender] = allowed - shares;
        }

        beforeWithdraw(assets, shares);

        _burn(owner, shares);

        emit Withdraw(msg.sender, receiver, owner, assets, shares);

        asset.safeTransfer(receiver, assets);
    }

Adding something like this should be considered (I don't assume the `beforeWithdraw` hook should be used for that):

    require(assets <= maxWithdraw(owner), "ERC4626: withdraw more than max");

Furthermore, similar checks are missing in deposit, mint, and redeem.
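An added sketch, not solmate's code and not part of this issue thread, of how a derived vault can enforce the limits itself by overriding `withdraw` and `redeem`. It goes slightly beyond the issue by using a vault whose `maxWithdraw` is narrower than the owner's balance; `CappedVault`, `withdrawCap`, the `solmate/...` import remapping and the simplified `totalAssets` are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity >=0.8.0;

// Assumes a "solmate/" remapping that points at the library's src/ directory.
import {ERC20} from "solmate/tokens/ERC20.sol";
import {ERC4626} from "solmate/mixins/ERC4626.sol";

/// Hypothetical vault that limits how many assets one call may take out.
contract CappedVault is ERC4626 {
    uint256 public immutable withdrawCap; // hypothetical per-call limit, in assets

    constructor(ERC20 _asset, uint256 _cap) ERC4626(_asset, "Capped Vault", "cVLT") {
        withdrawCap = _cap;
    }

    // Simplified accounting for the example: assets held directly by the vault.
    function totalAssets() public view override returns (uint256) {
        return asset.balanceOf(address(this));
    }

    // The advertised limit: the smaller of the owner's position and the cap.
    function maxWithdraw(address owner) public view override returns (uint256) {
        uint256 owned = convertToAssets(balanceOf[owner]);
        return owned < withdrawCap ? owned : withdrawCap;
    }

    // Same limit expressed in shares, so redeem cannot bypass the asset cap.
    function maxRedeem(address owner) public view override returns (uint256) {
        uint256 capShares = convertToShares(withdrawCap);
        uint256 owned = balanceOf[owner];
        return owned < capShares ? owned : capShares;
    }

    // Enforce the limit before delegating to the inherited logic, which
    // handles allowance, burn, event and transfer.
    function withdraw(uint256 assets, address receiver, address owner)
        public override returns (uint256 shares)
    {
        require(assets <= maxWithdraw(owner), "ERC4626: withdraw more than max");
        shares = super.withdraw(assets, receiver, owner);
    }

    function redeem(uint256 shares, address receiver, address owner)
        public override returns (uint256 assets)
    {
        require(shares <= maxRedeem(owner), "ERC4626: redeem more than max");
        assets = super.redeem(shares, receiver, owner);
    }
}
```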

commented

I have made the changes. Creating a pull request.