Sneaky Zinc Narwhal - some funds will not be converted nor returned to the depositor #555

Open
sherlock-admin2 opened this issue Feb 17, 2025 · 0 comments


Sneaky Zinc Narwhal

High

some funds will not be converted nor returned to the depositor

Summary

In the contract TokenRewards, the function depositFromPairedLpToken (line 177) tries to swap the PAIRED_LP_TOKEN into reward using the function _swapForRewards. If _rewardsSwapAmountInOverride is greater than zero, it overrides the _amountIn variable and is used instead of the amount that the user deposited. So if _rewardsSwapAmountInOverride is less than the amount that the user deposited, it will try to swap a small amount. The problem here is that the user will not receive the remaining amount, which is (the amount that the user deposited - _rewardsSwapAmountInOverride).

if (_rewardsSwapAmountInOverride > 0) {
    _adminAmt = (_adminAmt * _rewardsSwapAmountInOverride) / _amountIn;
    _amountOut = (_amountOut * _rewardsSwapAmountInOverride) / _amountIn;
    _amountIn = _rewardsSwapAmountInOverride;
}

https://github.com/sherlock-audit/2025-01-peapods-finance/blob/main/contracts/contracts/TokenRewards.sol#L293

Root Cause

In the function, at line 293, _rewardsSwapAmountInOverride will override the actual amount that the user deposited.

Internal Pre-conditions

_rewardsSwapAmountInOverride has to be greater than zero.

External Pre-conditions

nothing

Attack Path

nothing

Impact

The funds will not be converted or might even get stuck in the contract.

PoC

No response

Mitigation

No response
