Alchemix Transmuter
Alchemix
DeFiFoundrySolidity
16,653 OP
View results
Previous Next
Submission Details
Severity: medium
Invalid

Withdrawn Amount Will Be Stuck

nave765

Summary

_freeFunds function withdraws amount or totalAvailabe to address(this). However the contract doesn't have any function to claim the withdrawn amount.

Vulnerability Details

_freeFunds function is being used during {withdraw} and {redeem} calls. It calculates how much totalAvailabe and checks whether amount is bigger than totalAvailabe.

Based on the docs, when user decides to withdraw, an equivalent amount of their deposit alUSD is burned, completing the transmutation cycle. However there is no function to claim the withdrawn amount, it withdraws to address(this) but the withdrawn amount will stuck in the contract.

https://github.com/Cyfrin/2024-12-alchemix/blob/main/src/StrategyArb.sol#L112-L119

function _freeFunds(uint256 _amount) internal override {
uint256 totalAvailabe = transmuter.getUnexchangedBalance(address(this));
if (_amount > totalAvailabe) {
transmuter.withdraw(totalAvailabe, address(this));
} else {
transmuter.withdraw(_amount, address(this));
}
}

Impact

Withdrawn amount and the asset within the contract is stuck.

Tools Used

Manual Review

Recommendations

Make a function to withdraw address(this)'s balance of asset or collateral.

Updates

Lead Judging Commences

inallhonesty Lead Judge
8 months ago

Appeal created

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.