Alchemix Transmuter

Summary
In StrategyMainnet.sol in _freeFunds we want to withdraw to address(this) from transmuter the available funds (unexchangedFunds). The calculation for unexchangedFunds is incorrect

Vulnerability Details
https://github.com/alchemix-finance/v2-foundry/blob/master/src/TransmuterV2.sol#L353-L370
When we call

It should calculate the totalAvailable balance for us to withdraw, however the calculations there is incorrect, since it gets the current unexchangedBalance and deducts it with exchanged :

This is incorrect since everywhere in those contract unexchangedBalance keeps a right track of itself same for the exchange also. For example when we do withdraw from Transmuter to our contract it keeps a track by

same applies for the exchangedBalance.

So thats why the deduction from unexchangedBalance -= exchanged is inccorect. getUnexchangedBalanceshould return just unexchangedBalance. so then the checks if the amount is greater or not to be correct.

If we use the original logic, it will deduct our already exchanged tokens from the unexchangedBalance (which is incorrect like i said since in every operation those both values are updated so its not needed of deduction inside this function). and if we do this deduction the real left balance inside transmuter will not be correct and the transfered amount wont be correct.

Impact
Incorrect calculation of left balance inside transmuter contract (Leads to User not being able to get all his funds out of the contract)

Tools Used
Manual review

Recommendations

Return just the getUnexchangedBalance without deducting it from exchangedBalance