UsdTokenSwapConfig::Data::usdcAvailableForEngine Increases but Never Used, Locking USDC Forever
Summary
The CreditDelegationBranch::settleVaultsDebt updates usdcAvailableForEngine[vault.engine] by increasing the value:
This USDC is supposed to back usd token of the engine. But it's used nowhere. When users swap their usd token to vault asset, this usd token is not used to compensate the vault. As a result vault will face shortage of asset. This USDC value accumulates indefinitely and is never utilized.
Vulnerability Details
The settleVaultsDebt adds USDC to usdcAvailableForEngine[vault.engine] after swapping vault's asset to USDC when vault is in debt. But there is no function or mechanism to use this USDC allocated to engine. As a result this USDC is forever locked. Once vault assets are converted to USDC and saved to usdcAvailableForEngine[vault.engine], this USDC can never be used.
When users swap their usd token to vault asset in StabilityBranch::fulfillSwap, the vault asset balance becomes lower. So in both cases vault loses it's asset. The USDC is supposed to back the usd token. But when users swaps and burn their usd token, this USDC loses it's purpose and gets locked forever
Impact
The USDC balance of engine grows infinitely without any actual usage.
Since it is not used, the vault's asset will keep getting drained. Depositors in vault will lose asset
Recommendation
Use this USDC balance to compensate the vault when user swaps their usd token to vault asset
Lead Judging Commences
usdcAvailableForEngine is never decreased by fulfillSwap
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.