ERC4626 + ERC20Permit

Here is a marvelous vulnerability I found while preparing for the PoolTogether contest and reading a previous audit report.

It may be useful for you when dealing with ERC4626, ERC20Permit and shares / assets conversion.

Check the next mintWithPermit() function. It uses a signature to approve the underlying asset. But the asset amount can be changed easily, so this method can be reverted and might be DoS’d!

The signature is generated using the exact value of the expected asset amount calculated from the share amount, and the resulting asset amount depends on the exchange rate of current vault.

The resulting asset amount can be different from the value of transaction start time. Even an adversary can front-run and manipulate the exchange rate!

If the resulting asset amount is different from the original one the signature will not work as expected and mintWithPermit() will revert in most cases!

Be careful when working with permits and conversions!