Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: medium
Invalid

Fee-On-Transfer Incompatibility with Balance Checks

Summary

The RAAC token contract implements a fee-on-transfer mechanism that deducts a portion of tokens for taxation (swap and burn). However, this introduces issues in functions that assume exact token transfers, particularly in StabilityPool:depositRAACFromPool. The function checks for a precise balance update after safeTransferFrom, which fails due to the fee deduction.

Vulnerability Details

The depositRAACFromPool function attempts to verify an exact token transfer by comparing pre- and post-transfer balances:

Location: 2025-02-raac\contracts\core\pools\StabilityPool\StabilityPool.sol [326-337]

uint256 preBalance = raacToken.balanceOf(address(this));
raacToken.safeTransferFrom(msg.sender, address(this), amount);
uint256 postBalance = raacToken.balanceOf(address(this));
//@audit postBalance is always different from preBalance + amount, because a fee is taken in the transfer above
if (postBalance != preBalance + amount) revert InvalidTransfer();

However, since RAACToken imposes a swap tax, the contract receives less than the expected amount. As a result, the balance check fails, reverting the transaction.

Tax Calculation in RAAC Transfers

RAAC deducts a fee on transfer:

Location: 2025-02-raac\contracts\core\tokens\RAACToken.sol [185-204]

uint256 totalTax = amount.percentMul(baseTax);
uint256 burnAmount = totalTax * burnTaxRate / baseTax;
super._update(from, feeCollector, totalTax - burnAmount);
super._update(from, address(0), burnAmount);
super._update(from, to, amount - totalTax);

This means that the amount sent by the sender will always be greater than what the contract actually receives, breaking the deposit logic.

Impact

  • Deposit Function Fails: RAAC tokens cannot be deposited from the liquidity pool to the StabilityPool contract due to failed balance checks.

Tools Used

Manual Review

Recommendations

Option 1: Modify the deposit function to account for fee deductions
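
One way to implement Option 1, shown as an added example that is not part of the original submission or the RAAC code base: credit the measured balance delta instead of requiring an exact match. The contract name, the minReceived parameter, the totalDeposited counter, the errors other than InvalidTransfer and the event are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example with hypothetical names; not the RAAC StabilityPool.
interface IERC20Like {
    function balanceOf(address account) external view returns (uint256);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract FeeAwareDeposit {
    IERC20Like public immutable token;
    uint256 public totalDeposited; // tokens actually received through deposit()

    error InvalidTransfer();
    error SlippageExceeded(uint256 received, uint256 minReceived);

    event Deposited(address indexed from, uint256 sent, uint256 received);

    constructor(IERC20Like token_) {
        token = token_;
    }

    /// @param amount      tokens the caller sends, before any transfer tax
    /// @param minReceived lowest post-tax amount the caller accepts
    function deposit(uint256 amount, uint256 minReceived) external returns (uint256 received) {
        uint256 preBalance = token.balanceOf(address(this));
        // Plain transferFrom keeps the example import-free; the page's code uses safeTransferFrom.
        if (!token.transferFrom(msg.sender, address(this), amount)) revert InvalidTransfer();
        uint256 postBalance = token.balanceOf(address(this));

        // Measure what arrived rather than asserting postBalance == preBalance + amount.
        // Checked arithmetic reverts if the balance somehow decreased.
        received = postBalance - preBalance;
        if (received == 0 || received > amount) revert InvalidTransfer();
        // Bound the tax the caller tolerates, so a fee change cannot silently shrink the deposit.
        if (received < minReceived) revert SlippageExceeded(received, minReceived);

        // All accounting uses the received amount, never the requested amount.
        totalDeposited += received;
        emit Deposited(msg.sender, amount, received);
    }
}
```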

Option 2: Whitelist Contract to Avoid Tax

Allow the deposit contract to be whitelisted, preventing fee deductions:

raacToken.manageWhitelist(address(this), true);

Conclusion

The fee-on-transfer mechanism in RAACToken introduces security and usability concerns when interacting with the depositRAACFromPool function. Implementing one of the above solutions can mitigate these issues and ensure smooth functionality.

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity