Flow

Sablier
Foundry, DeFi
20,000 USDC
Submission Details
Severity: medium
Invalid

`_refundableAmountOf()` calculation is incorrect.

Vulnerability Details

From the Technical Docs, we can see the refundable amount (ra) is the amount that can be refunded to the sender. It is defined as the difference between the stream balance and the total debt.

But the code in `SablierFlow::_refundableAmountOf` returns `_streams[streamId].balance - _coveredDebtOf(streamId);`, which is incorrect as covered debt is different from the total debt.

```solidity
function _refundableAmountOf(uint256 streamId) internal view returns (uint128) {
    return _streams[streamId].balance - _coveredDebtOf(streamId);
    // @audit issue should be totalDebt instead.
}
```

Impact

The `_refundableAmountOf` amount calculation will be incorrect, as the total debt is defined as the total amount the sender owes to the recipient. It is calculated as the sum of the snapshot debt and the ongoing debt, whereas the covered debt (cd) is defined as the minimum of the total debt and the stream balance.

Tools Used

Manual Review

Recommendations

We recommend subtracting `_totalDebtOf` instead of `_coveredDebtOf`.
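The two formulas compared in this submission can be put side by side using only the definition quoted above (covered debt = minimum of total debt and stream balance). This is an added example, not Sablier's code and not part of the submission; the contract name, function names and parameter types are assumptions, and debts are passed in as plain arguments rather than read from stream storage.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.22;

/// Stand-alone model (hypothetical names and types) of the two candidate formulas.
contract RefundableModel {
    /// Covered debt as defined on the page: min(total debt, stream balance).
    function coveredDebt(uint128 balance, uint256 totalDebt) public pure returns (uint128) {
        // The cast is safe: this branch is only taken when totalDebt < balance.
        return totalDebt < balance ? uint128(totalDebt) : balance;
    }

    /// Formula quoted from the code: balance - covered debt.
    /// coveredDebt is never larger than balance, so the subtraction cannot underflow.
    function refundableViaCovered(uint128 balance, uint256 totalDebt) public pure returns (uint128) {
        return balance - coveredDebt(balance, totalDebt);
    }

    /// Formula the submission recommends: balance - total debt.
    /// Solidity 0.8 checked arithmetic reverts with Panic(0x11) when totalDebt > balance.
    function refundableViaTotal(uint128 balance, uint256 totalDebt) public pure returns (uint128) {
        // The result is at most balance, so narrowing back to uint128 loses nothing.
        return uint128(balance - totalDebt);
    }

    /// Evaluates both formulas for one (balance, totalDebt) pair and reports
    /// whether the total-debt variant reverted instead of returning a value.
    function compare(uint128 balance, uint256 totalDebt)
        external
        view
        returns (uint128 viaCovered, bool totalReverted, uint128 viaTotal)
    {
        viaCovered = refundableViaCovered(balance, totalDebt);
        // External self-call so the revert can be caught rather than bubbling up.
        try this.refundableViaTotal(balance, totalDebt) returns (uint128 r) {
            viaTotal = r;
        } catch {
            totalReverted = true;
        }
    }
}
```

Calling `compare` with a total debt at or below the balance returns the same value from both formulas; with a total debt above the balance, the covered-debt formula returns zero and the total-debt formula reverts.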

Updates

Lead Judging Commences

inallhonesty Lead Judge
11 months ago
inallhonesty Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Appeal created

oxtenma Submitter
10 months ago
inallhonesty Lead Judge
10 months ago
inallhonesty Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
