transferAccruedDust cannot work in most cases
Summary
transferAccruedDust cannot work in most cases
Vulnerability Details
The owner can transfer the dust token from the contract via transferAccruedDust() function. According to current design, we will calculate the dust via current balance in rToken - balance which is tied with rTokens. It means that if the remaining balance in rToken is larger than total balance which is tied with rToken, we can take these as dust and transfer them.
The problem here is that in one normal ecosystem, the remaining balance in rToken contract will be less than the total balance which is tied with rToken. Let's assume that the average utilization is 20% in this lending market. Some new lenders will enter the market and some new borrowers will enter the market, the average utilization will keep higher than 10%. In this case, the left funds in rToken contract will be always less than the total balance which is tied with rToken. This will cause that the owner cannot transfer their expected dust.
There is one extreme case, which is all borrowers repay and there is not any new borrowers. All funds exist in this rToken contract, then the owners can transfer their expected dust. But in one normal lending market, it's quite impossible to trigger this case.
Impact
The owner cannot transfer their expected dust.
Tools Used
Manual
Recommendations
Add one accounting information to record the dust, for example, current balance in rToken + total debt - total balance for rToken = dust
Lead Judging Commences
RToken dust calculation structurally impossible with outstanding loans or funds deposited in the vault
RToken dust calculation structurally impossible with outstanding loans or funds deposited in the vault
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.