The getPenalizedUnderlying function has an issue where the calculation of redeemable Ripe Tokens can exceed the actual underlying amount available. This occurs due to the use of a ratio that can "potentially" exceed 1 when s.recapitalized is greater than totalUsdNeeded.
If not addressed, this issue could lead to scenarios where users are able to redeem more Ripe Tokens than should logically be available.
First, let's look at the getPenalizedUnderlying function:
Here, redeem can potentially exceed underlyingAmount if s.recapitalized is greater than totalUsdNeeded. The current safeguard:
acts as a temporary fix but does not address the root cause of the issue. The formula should inherently ensure that redeem does not exceed underlyingAmount without requiring a conditional check.
Manual review
A more appropriate fix would involve adjusting the calculation to ensure that the ratio of s.recapitalized to totalUsdNeeded does not exceed 1 before applying it to the underlyingAmount. This can be done by capping the ratio at 1:
This adjustment ensures that the redeemable amount is always within logical bounds and reflects the actual recapitalization progress, preventing any potential overflow or logic errors in token redemption calculations.
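An added Python model of the integer arithmetic discussed above (not the contract's code): it applies the ratio of recapitalized to totalUsdNeeded to underlyingAmount with and without the cap, and compares the capped form with a clamp applied after the fact. The function names, the sample values, the zero-denominator handling and the shape of the post-hoc clamp are assumptions made for illustration.

```python
# Added illustration: integer model of the ratio described in the finding.
# Only the three quantities (recapitalized, totalUsdNeeded, underlyingAmount)
# come from the finding; names, samples and edge-case handling are constructed.

def redeem_uncapped(underlying_amount: int, recapitalized: int, total_usd_needed: int) -> int:
    """Apply recapitalized / totalUsdNeeded to underlyingAmount with no bound."""
    # Multiply before dividing, as fixed-point contract math does, to limit truncation.
    return underlying_amount * recapitalized // total_usd_needed


def redeem_capped(underlying_amount: int, recapitalized: int, total_usd_needed: int) -> int:
    """Cap the ratio at 1 by bounding the numerator before the division."""
    if total_usd_needed == 0:
        # Assumption: nothing left to recapitalize is treated as a ratio of 1.
        return underlying_amount
    numerator = min(recapitalized, total_usd_needed)
    return underlying_amount * numerator // total_usd_needed


def redeem_clamped_after(underlying_amount: int, recapitalized: int, total_usd_needed: int) -> int:
    """Clamp the result afterwards (assumed shape of a conditional safeguard)."""
    return min(redeem_uncapped(underlying_amount, recapitalized, total_usd_needed),
               underlying_amount)


def violations(samples):
    """Return the samples whose capped result exceeds underlyingAmount."""
    return [s for s in samples if redeem_capped(*s) > s[0]]


# Constructed samples: (underlyingAmount, recapitalized, totalUsdNeeded)
SAMPLES = [
    (1_000_000, 0, 500_000),        # nothing recapitalized yet
    (1_000_000, 250_000, 500_000),  # half recapitalized
    (1_000_000, 500_000, 500_000),  # exactly recapitalized
    (1_000_000, 600_000, 500_000),  # recapitalized > totalUsdNeeded
    (7, 3, 9),                      # small values, exercises integer truncation
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, redeem_uncapped(*s), redeem_capped(*s), redeem_clamped_after(*s))
    print("capped results above underlyingAmount:", violations(SAMPLES))
```

On these samples the capped ratio and the clamp applied afterwards return the same value; the difference is where the bound is enforced, inside the formula or in a separate check.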