[M-01] The `SmartVaultV3::mint` function has an error in the parameter passed to the `fullyCollateralised()` function, significantly impairing the functionality of the protocol.
Description:
The
requirestatement in theSmartVaultV3::mintfunction is incorrect due to an error in the parameter passed to thefullyCollateralised()function. In the coderequire(fullyCollateralised(_amount + fee), UNDER_COLL);, it should check whether the Smart Vault remains adequately collateralized after minting the_amountof EUROs. Therefore, the fee (fee) should not be added to the quantity checked.The code
minted = minted + _amount + fee;also has a problem. Sincemintedis updating the quantity, thefeeparameter should not be added.
Impact:
Incorrect parameter passed to the fullyCollateralised() function and incorrect updating of minted result in unexpected behavior when the owner calls the mint function. This significantly impairs the functionality of the protocol.
Recommended Mitigation:
The correct code should be:
Lead Judging Commences
informational/invalid
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.