Already scaled balances are being scaled which led to disrepancy and miscalculation in DebtToken
Summary
In the DebtToken there is a problem in the mint and burn function - double scaling of balanceIncrease causes high discrepancy and miscalculation of amount which should be minted or burned. This is probably caused, because developer doesn't take the consideration that they are finding the delta of scaled value and again rescaling the scaled up value :
Intended :
The
balanceIncreaseshould be calculated based on scaled up delta
Implemented :
The
balanceIncreaseis calculated based on double scaled up delta
Vulnerability Details
So what the function basically does is that it stores the scaled balance in the - scaledBalance for mint and userBalance for burn. And it is supposed to find the delta between the indexes and update the index to calculate the balanceIncrease. However the operation is done on already scaled balance which is really bad.
And here is the snippet of balanceOf() function code which already scales the amount with the usage index :
Impact
Discrepancy and miscalculation of funds while minting and burning
Tools Used
Recommendations
Change the scaledBalance for mint() value to scaleBalanceOf(onBehlfOf) and userBalance for burn() value to scaleBalanceOf(from)
Lead Judging Commences
DebtToken::mint miscalculates debt by applying interest twice, inflating borrow amounts and risking premature liquidations
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.