A potential arithmetic underflow in the _redeemCollateral function of DSCEngine.sol could lead to unintended transaction reverts.
The _redeemCollateral function in DSCEngine.sol decreases the amount of collateral deposited by a user:
However, the function performs no check that amountCollateral is less than or equal to s_collateralDeposited[from][tokenCollateralAddress] before the subtraction. If amountCollateral exceeds the deposited collateral, the subtraction underflows and the transaction reverts with a bare arithmetic panic rather than a descriptive error.
This issue presents a low severity risk. While no funds are at risk and the contract state cannot be manipulated due to the automatic underflow protection provided by the Solidity 0.8.x compiler, users attempting to redeem more collateral than they have deposited will experience a transaction revert. This could lead to confusion and a negative user experience.
This issue was identified through manual code review and fuzz testing.
Improve the user experience and contract predictability by introducing a custom error and a modifier to ensure the amountCollateral is less than or equal to the user's deposited collateral:
The ensureSufficientCollateral modifier checks whether amountCollateral exceeds the user's deposited collateral before the function body executes. If the check fails, the transaction reverts with a clear error that reports both the available and the requested collateral amounts.
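The following is an added illustration of the recommended fix; it is not the DSCEngine source or the submitter's code. It keeps only the collateral bookkeeping needed to show the check, so the contract name, the event, the error name DSCEngine__InsufficientCollateral and the omitted token transfers are assumptions. The unchecked entry point is kept alongside the fixed one so the two failure modes (a Panic(0x11) versus a descriptive custom error) can be compared in a test.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

/// @dev Added, simplified illustration of the mitigation; not the DSCEngine source.
///      Token transfers and health-factor logic are deliberately omitted.
contract CollateralRedeemExample {
    // Mirrors the s_collateralDeposited[user][token] mapping referenced in the finding.
    mapping(address user => mapping(address token => uint256 amount)) private s_collateralDeposited;

    // Assumed error name: carries what the user holds and what they asked for.
    error DSCEngine__InsufficientCollateral(address token, uint256 available, uint256 requested);

    event CollateralRedeemed(address indexed from, address indexed to, address token, uint256 amount);

    // Rejects a redemption that exceeds the caller's balance before any arithmetic runs.
    modifier ensureSufficientCollateral(address from, address token, uint256 amountCollateral) {
        uint256 available = s_collateralDeposited[from][token];
        if (amountCollateral > available) {
            revert DSCEngine__InsufficientCollateral(token, available, amountCollateral);
        }
        _;
    }

    function depositCollateral(address token, uint256 amount) external {
        // The ERC20 transferFrom call is omitted; only the accounting matters here.
        s_collateralDeposited[msg.sender][token] += amount;
    }

    // Pre-fix behaviour: relies solely on 0.8.x checked arithmetic, so an oversized
    // request reverts with Panic(0x11) and gives the caller no context.
    function redeemCollateralUnchecked(address token, uint256 amountCollateral) external {
        _redeemCollateral(token, amountCollateral, msg.sender, msg.sender);
    }

    // Fixed entry point: the modifier turns the same condition into a descriptive revert.
    function redeemCollateral(address token, uint256 amountCollateral)
        external
        ensureSufficientCollateral(msg.sender, token, amountCollateral)
    {
        _redeemCollateral(token, amountCollateral, msg.sender, msg.sender);
    }

    function _redeemCollateral(address token, uint256 amountCollateral, address from, address to) private {
        // Safe once the modifier has run; would underflow (and panic) otherwise.
        s_collateralDeposited[from][token] -= amountCollateral;
        emit CollateralRedeemed(from, to, token, amountCollateral);
        // The outgoing ERC20 transfer to `to` is omitted in this illustration.
    }

    function getCollateralDeposited(address user, address token) external view returns (uint256) {
        return s_collateralDeposited[user][token];
    }
}
```

In a Foundry test the difference is visible as the expected revert data: the unchecked path needs vm.expectRevert(stdError.arithmeticError), whereas the fixed path can be asserted with vm.expectRevert(abi.encodeWithSelector(CollateralRedeemExample.DSCEngine__InsufficientCollateral.selector, token, deposited, requested)), which is also what a front end can decode to show the user how much collateral is actually available.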