Incorrect Asset Valuation Leading to lower than expected Profits in Alchemix Strategy
Summary
The _harvestAndReport() function incorrectly accounts for underlying WETH tokens at a 1:1 ratio with alETH, leading to inflated total asset calculations and incorrect profit reporting.
Vulnerability Details
In _harvestAndReport():
The function adds WETH (underlying) balance directly to alETH (asset) balance, but WETH:alETH trades at a premium (>1:1 ratio). This creates two issues:
Incorrect accounting by treating WETH 1:1 with alETH when it should be valued higher
The strategy should not hold WETH as it should be immediately swapped via
claimAndSwap()
The correct calculation should be:
And WETH should be swapped to alETH immediately when claimed. (assuming that the commented Logic has been uncommented)
Impact
Medium - This vulnerability leads to:
deflated total assets reporting
Incorrect profit calculations
Wrong performance fee charges
Inaccurate share price calculations
Potential economic loss for users through incorrect share pricing
The impact is amplified because report() in TokenizedStrategy.sol uses this value for critical accounting including:
Profit/loss calculations
Fee distributions
Share price updates
Profit unlocking mechanics
Tools Used
Manual code review
Code cross-referencing with TokenizedStrategy.sol
Understanding of Alchemix protocol mechanics
Recommendations
Remove underlying token from total assets calculation:
Enforce immediate WETH to alETH swaps after claims
Add validation to ensure no WETH balance remains after operations
Consider adding a minimum premium check for WETH:alETH swaps
Appeal created
_harvestAndReport should not contain the underlying balance to prevent donations having an impact.
Dormant WETH is not properly treated
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.