Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: medium
Invalid

Incorrect Token Amount Calculation in `StabilityPool::calculateRcrvUSDAmount` Function

zgczgc

Summary

The calculateRcrvUSDAmount function in the StabilityPool contract incorrectly calculates the rToken amount during deToken redemption, using an inverted formula compared to its counterpart calculateDeCRVUSDAmount.

Vulnerability Details

function calculateRcrvUSDAmount(uint256 deCRVUSDAmount) public view returns (uint256) {
uint256 scalingFactor = 10**(18 + rTokenDecimals - deTokenDecimals);
return (deCRVUSDAmount * getExchangeRate()) / scalingFactor; <==@found
}

Impact

  • Incorrect redemption amounts

  • Potential loss of funds for users

Tools Used

  • Manual Review

Recommendations

Use the correct formula for rToken redemption:

function calculateRcrvUSDAmount(uint256 deCRVUSDAmount) public view returns (uint256) {
uint256 scalingFactor = 10**(18 + rTokenDecimals - deTokenDecimals);
- return (deCRVUSDAmount * getExchangeRate()) / scalingFactor; <==@found
+ return (deCRVUSDAmount * scalingFactor) / getExchangeRate();
}
Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Incorrect scaling factor formula in StabilityPool::calculateRcrvUSDAmount function

Both tokens have 18 decimals. Info

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!