4 matches found
Wrong implementations in ERC4626RouterBase contract
Lines of code Vulnerability details The ERC4626RouterBase contract contains a set of functions that act as wrappers for a ERC4626 contract, providing a base periphery functionality around a ERC4626 vault. There are a number of different flaws in the wrapped implementations of mint, deposit,...
QA Report
Low and non-critical bugs wrong implementation of ERC4626RouterBase's withdraw function In the interface we can see the function description: / @notice withdraw amount from an ERC4626 vault. @param vault The ERC4626 vault to withdraw assets from. @param to The destination of assets. @param amount...
ERC4626RouterBase.withdraw should use a **max** shares out check
Lines of code Vulnerability details Impact The docs/video say ERC4626RouterBase.sol is in scope as its part of TurboRouter The ERC4626RouterBase.withdraw function withdraws the asset amount parameter by burning shares. function withdraw IERC4626 vault, address to, uint256 amount, uint256...
TurboRouter: deposit(), mint(), createSafeAndDeposit() and createSafeAndDepositAndBoost() functions do not work
Lines of code Vulnerability details Impact The TurboRouter contract inherits from the ERC4626RouterBase contract. When the user calls the deposit, mint, createSafeAndDeposit and createSafeAndDepositAndBoost functions of the TurboRouter contract, the deposit and mint functions of the...