Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: medium
Valid

`getUtilizationRate()` uses `getNormalizedDebt()` as an amount but `getNormalizedDebt()` returns an index

Vulnerability Details

RAACMinter::getUtilizationRate() uses getNormalizedDebt() as an amount, but getNormalizedDebt() returns an index.

See here that an amount is expected: the function needs the total borrowed amount, which is what is used to compute a utilization rate.

See here how LendingPool::getNormalizedDebt() returns an index.

Impact

A wrong calculation of the utilization rate leads to bad adjustments of the RAAC token minting pace. Because this function is called through RAACMinter::tick()::updateEmissionRate()::calculateNewEmissionRate()::getUtilizationRate(), it can lead to a wrong minting pace. Start of the function call flow here.

In this case the index is in RAY precision, which has 27 decimals, while the amount borrowed should be in 18 decimals, which significantly affects the calculation. Regardless of the difference in number size, the value is a totally different quantity and must be changed.
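The effect can be reproduced off-chain with a small BigInt model. This is an added example, not code from the RAAC contracts or from the submission; the formula shape (borrowed * 100 / deposits), the snapshot values and every function name are assumptions made for illustration.

```javascript
// Added illustration, not the RAAC contracts. The formula shape
// (borrowed * 100 / deposits) and all pool values are assumptions.
const RAY = 10n ** 27n; // index precision: 27 decimals
const WAD = 10n ** 18n; // token amount precision: 18 decimals

// Assumed utilization formula, as an integer percentage.
function utilizationPercent(totalBorrowed, totalDeposits) {
  if (totalDeposits === 0n) return 0n;
  return (totalBorrowed * 100n) / totalDeposits;
}

// Constructed pool snapshots: debt grows quickly, the index accrues slowly.
const snapshots = [
  { deposits: 1_000_000n * WAD, borrowed: 100_000n * WAD, debtIndex: RAY },
  { deposits: 1_000_000n * WAD, borrowed: 400_000n * WAD, debtIndex: (RAY * 101n) / 100n },
  { deposits: 1_000_000n * WAD, borrowed: 800_000n * WAD, debtIndex: (RAY * 105n) / 100n },
];

// Pattern from the finding: the index is passed where an amount is expected.
function utilizationFromIndex(s) {
  return utilizationPercent(s.debtIndex, s.deposits);
}

// Intended behaviour: the borrowed amount is passed.
function utilizationFromAmount(s) {
  return utilizationPercent(s.borrowed, s.deposits);
}

// Regression property: doubling the debt at a fixed index must change the
// utilization. An index-based source fails this check.
function respondsToBorrowing(source, s) {
  const doubled = { ...s, borrowed: s.borrowed * 2n };
  return source(doubled) !== source(s);
}

function main() {
  for (const s of snapshots) {
    console.log(`amount-based: ${utilizationFromAmount(s)}%  index-based: ${utilizationFromIndex(s)}%`);
  }
  console.log("amount source tracks debt:", respondsToBorrowing(utilizationFromAmount, snapshots[0]));
  console.log("index source tracks debt:", respondsToBorrowing(utilizationFromIndex, snapshots[0]));
}
main();
```

The same property (utilization must move when debt moves at a fixed index) can be asserted in a Hardhat test against the deployed contracts to catch this class of unit confusion.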

Recommendations

Do not read an index; read the actual amount borrowed instead. This can be done by reading the totalUsage factor on the LendingPool and dividing it by the usageIndex.

Updates

Lead Judging Commences

inallhonesty Lead Judge 3 months ago
Submission Judgement Published
Validated
Assigned finding tags:

RAACMinter::getUtilizationRate incorrectly mixes stability pool deposits with lending pool debt index instead of using proper lending pool metrics
