Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: medium
Valid

Incorrect return value interpretation in RToken burn function causes withdrawal amount mismatch

Summary

The LendingPool.withdraw function (via the ReserveLibrary.withdraw helper) misinterprets the return values from the RToken.burn function. The withdrawal operation expects the burned (scaled) token amount to be returned as the first value, but the burn function actually returns the unscaled amount in that position. This discrepancy results in incorrect assignment of the withdrawn amount, leading to inaccuracies in user balances and the overall reserve state.

Vulnerability Details

  1. Return Value Mismatch:

    In the ReserveLibrary.withdraw function, the burn call is made as follows:

    (uint256 burnedScaledAmount, uint256 newTotalSupply, uint256 amountUnderlying) = IRToken(reserve.reserveRTokenAddress).burn(
        recipient, // from
        recipient, // receiverOfUnderlying
        amount, // amount
        reserve.liquidityIndex // index
    );
    amountWithdrawn = burnedScaledAmount;

    However, the RToken.burn function returns:

    return (amount, totalSupply(), amount);

    Here, the first returned value is the unscaled amount rather than the scaled token burn value.

  2. Incorrect Withdrawal Amount Calculation:

    Due to this misinterpretation, the withdrawal operation sets amountWithdrawn to the unscaled amount. This means that the withdrawn amount recorded does not reflect the scaling adjustments applied elsewhere (e.g., via the liquidity index), leading to an inaccurate representation of the user's balance and reserve state.

  3. Neglected Scaling Factor:

    The burn function internally computes a scaled value:

    uint256 amountScaled = amount.rayMul(index);

    but does not use it in the return statement. Consequently, the scaling factor is effectively ignored during the burn process, which compounds the miscalculation of the withdrawal amount.

Impact

  • User Balance Discrepancies:
    Users will have an incorrect record of the amount withdrawn, causing their token balances to deviate from the intended scaled value.

  • Reserve Accounting Inaccuracies:
    The reserve’s liquidity and interest accrual calculations may become inconsistent due to the misinterpreted burn value.

Proof-of-Concept (POC) Example

  1. Normal Scenario:

    • A user requests a withdrawal of 100 units.

    • The system should compute a scaled burn amount based on the liquidity index, and the recorded withdrawn amount should reflect this scaled value.

  2. Issue Manifestation:

    • The RToken.burn function returns (amount, totalSupply(), amount), where amount is the unscaled value (100).

    • The ReserveLibrary.withdraw function sets amountWithdrawn to this unscaled value (100) and returns (amountUnderlying, burnedScaledAmount, amountUnderlying), thereby misrepresenting the scaled withdrawal amount.

  3. Result:

    • The user’s RToken balance and the reserve’s accounting records do not accurately represent the scaled withdrawal, leading to downstream miscalculations in liquidity and interest accrual.

Tools Used

Manual review

Recommendations

  1. Correct the Return Value Handling in burn:

    • Modify the RToken.burn function to return the scaled amount as the first value. For example:

      return (amountScaled, totalSupply(), amount);

    • This change ensures that the first returned value correctly represents the scaled tokens burned.

  2. Alternatively, Adjust Withdraw Processing:

    • Update the ReserveLibrary.withdraw function to correctly interpret the unscaled value returned by burn and apply the appropriate scaling before recording the withdrawal amount.
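
The mismatch and the first recommendation can be modelled numerically. The following is an added example, not code from the project or the submission: it mirrors the burn return tuple and the caller's destructuring described above, and shows that a check run at an index of exactly 1.0 ray cannot detect the problem. The function names, the half-up rayMul rounding (Aave-style WadRayMath) and the sample values are assumptions.

```javascript
// Added numeric model of the return-value mismatch; not the project's contract code.
// Assumption: rayMul rounds half-up at 27 decimals, as in Aave-style WadRayMath.
const RAY = 10n ** 27n;
const HALF_RAY = RAY / 2n;
const rayMul = (a, b) => (a * b + HALF_RAY) / RAY;

// burn as the finding describes it: amountScaled is computed but never returned.
// supplyAfter stands in for totalSupply() and is passed through untouched.
function burnAsReported(amount, index, supplyAfter) {
  const amountScaled = rayMul(amount, index); // computed, then unused
  return [amount, supplyAfter, amount];
}

// burn with the first recommendation applied: scaled amount in the first slot.
function burnRecommended(amount, index, supplyAfter) {
  const amountScaled = rayMul(amount, index);
  return [amountScaled, supplyAfter, amount];
}

// Caller side, mirroring the destructuring in ReserveLibrary.withdraw.
function withdraw(burn, amount, index, supplyAfter) {
  const [burnedScaledAmount, newTotalSupply, amountUnderlying] =
    burn(amount, index, supplyAfter);
  const amountWithdrawn = burnedScaledAmount;
  return { amountWithdrawn, burnedScaledAmount, newTotalSupply, amountUnderlying };
}

// Regression check: the caller's "scaled" slot must equal rayMul(amount, index).
function scaledSlotMatches(burn, amount, index) {
  const { burnedScaledAmount } = withdraw(burn, amount, index, 0n);
  return burnedScaledAmount === rayMul(amount, index);
}

// Constructed sample values: 100 units, index at 1.0 and at 1.1 (in ray).
const AMOUNT = 100n;
const INDEX_ONE = RAY;
const INDEX_GROWN = (RAY * 11n) / 10n;

console.log("reported burn, index 1.0:", scaledSlotMatches(burnAsReported, AMOUNT, INDEX_ONE));
console.log("reported burn, index 1.1:", scaledSlotMatches(burnAsReported, AMOUNT, INDEX_GROWN));
console.log("recommended burn, index 1.1:", scaledSlotMatches(burnRecommended, AMOUNT, INDEX_GROWN));
```

A regression test for this finding needs a liquidity index different from 1.0 ray; at exactly 1.0 the scaled and unscaled amounts coincide and the check passes either way.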

Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Validated
Assigned finding tags:

RToken::burn returns incorrect underlying asset amount (amount instead of amountScaled), leading to wrong interest rate calculations
