Incorrect totalSupply calculation in DebtToken
Summary :
The total supply should reflect the total debt including accrued interest, which means it should use rayMul with the current index, not rayDiv.
Vulnerability Details :
Using rayDiv reduces the total supply value instead of increasing it with accumulated interest, which is incorrect for a debt token.
In DebtToken.sol, totalSupply is calculated using rayDiv:
While individual user debt is correctly calculated using rayMul:
This creates inconsistency between:
Individual debt calculations (correct)
Total protocol debt (incorrect)
Example scenario:
Total debt = 1000 tokens
Interest index = 1.1
Current implementation: 1000.rayDiv(1.1) ≈ 909 tokens
Correct calculation: 1000.rayMul(1.1) = 1100 tokens
Results in 191 tokens of unaccounted debt
Impact :
The current rayDiv implementation would lead to incorrect total debt calculations and potential protocol accounting issues.
Tools Used :
Manuel review.
Recommendations :
Update totalSupply to use rayMul.
Lead Judging Commences
DebtToken::totalSupply incorrectly uses rayDiv instead of rayMul, severely under-reporting total debt and causing lending protocol accounting errors
DebtToken::totalSupply incorrectly uses rayDiv instead of rayMul, severely under-reporting total debt and causing lending protocol accounting errors
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.