Summary
For fee-on-transfer tokens, depositCollateral
will not transfer amountCollateral
actually.
But s_collateralDeposited[msg.sender][tokenCollateralAddress]
is increased by amountCollateral
.
So when redeeming, there will be no enough tokens available to redeem.
function depositCollateral(address tokenCollateralAddress, uint256 amountCollateral)
public
moreThanZero(amountCollateral)
isAllowedToken(tokenCollateralAddress)
nonReentrant
{
s_collateralDeposited[msg.sender][tokenCollateralAddress] += amountCollateral;
emit CollateralDeposited(msg.sender, tokenCollateralAddress, amountCollateral);
bool success = IERC20(tokenCollateralAddress).transferFrom(msg.sender, address(this), amountCollateral);
if (!success) {
revert DSCEngine__TransferFailed();
}
}
Impact
Late users might not be able to redeem collateral because of accounting deficit.
Tool used
Manual Review
Recommendation
s_collateralDeposited
should be increase by actual amount changed.
function depositCollateral(address tokenCollateralAddress, uint256 amountCollateral)
public
moreThanZero(amountCollateral)
isAllowedToken(tokenCollateralAddress)
nonReentrant
{
- s_collateralDeposited[msg.sender][tokenCollateralAddress] += amountCollateral;
+ uint256 beforeBalance = IERC20(tokenCollateralAddress).balanceOf(address(this));
emit CollateralDeposited(msg.sender, tokenCollateralAddress, amountCollateral);
bool success = IERC20(tokenCollateralAddress).transferFrom(msg.sender, address(this), amountCollateral);
if (!success) {
revert DSCEngine__TransferFailed();
}
+ s_collateralDeposited[msg.sender][tokenCollateralAddress] += (IERC20(tokenCollateralAddress).balanceOf(address(this)) - beforeBalance);
}