Noisy Eggshell Peacock - Variable users can deposit amount less than minimumDepositAmount deviating from the protocols design.

[sherlock-admin4]

Noisy Eggshell Peacock

Medium

Variable users can deposit amount less than minimumDepositAmount deviating from the protocols design.

Summary

Protocol doesnt check whether the amount deposited by Variable users is >= minimumDepositAmount but at the same time it checks the whether the remainingCapacity is greater than or equal to minimumDepositAmount.

Vulnerability Detail

Variable users and fixed users are only allowed to deposit amount >= minimumDepositAmount .Check is implemented for fixed Users but not for variable.

  /// @notice Minimum amount of ETH that can be deposited for variable or fixed side users
  uint256 public immutable minimumDepositAmount = 0.01 ether;

Impact

Variable users can deposit amount less than minimumDepositAmount deviating from the protocols design.

Code Snippet

https://github.com/sherlock-audit/2024-08-saffron-finance/blob/38dd9c8436db341c331f1b14545770c1766fc0ee/lido-fiv/contracts/LidoVault.sol#L61-L62

https://github.com/sherlock-audit/2024-08-saffron-finance/blob/38dd9c8436db341c331f1b14545770c1766fc0ee/lido-fiv/contracts/LidoVault.sol#L366-L377

Tool used

Manual Review

Recommendation

Check for minimumDepositAmount condition.