Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: medium
Valid

Incorrect event emission

0xdanielc

Summary

Incorrect event emission takes place in ReserveLibrary::withdraw.
Note that incorrect event emission has been a valid issue in codehawks contests previously.

Vulnerability Details

In RToken::burn the comment suggests that the first returned value should be the amount of scaled tokens burned:

* - uint256: The amount of scaled tokens burned
* - uint256: The new total supply after burning
* - uint256: The amount of underlying asset transferred

However, the first returned variable is amount, not the scaled amount.

return (amount, totalSupply(), amount);

Therefore, the burnedScaledAmount value here is not actually the scaled amount, it is just the amount.

(uint256 burnedScaledAmount, uint256 newTotalSupply, uint256 amountUnderlying) = IRToken(reserve.reserveRTokenAddress).burn(
recipient, // from
recipient, // receiverOfUnderlying
amount, // amount
reserve.liquidityIndex // index
);

Therefore, the event emission here is incorrect.

emit Withdraw(recipient, amountUnderlying, burnedScaledAmount);

Impact

Front end services may utilise these incorrect values, causing UI errors and misleading users.

Tools Used

Manual review

Recommendations

Return the correct value in Rtoken::burn

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Validated
Assigned finding tags:

RToken::burn returns incorrect underlying asset amount (amount instead of amountScaled), leading to wrong interest rate calculations

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Validated
Assigned finding tags:

RToken::burn returns incorrect underlying asset amount (amount instead of amountScaled), leading to wrong interest rate calculations

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.