Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: high
Valid

Incorrect Debt Token Minting Amount Due to Unscaled Value Addition

DRUGstore

Summary

Vulnerability Details

In the DebtToken's mint function, there is a critical error in calculating amountToMint. The function incorrectly adds the raw amount with balanceIncrease

the mint() function contains following lines of code

uint256 amountToMint = amount + balanceIncrease; // Incorrect, amount is not scaled.
_mint(onBehalfOf, amountToMint.toUint128());

  1. amount is the raw, unscaled input amount

  2. balanceIncrease is already scaled according to the index

  3. Adding these mismatched values leads to incorrect debt token minting

Impact

  • Incorrect Debt Accounting: Users will receive excessive amounts of debt tokens due to mixing scaled and unscaled values, as unscaled amountis way higher than amountScaled.

  • Protocol Insolvency Risk: The mismatch between actual debt and minted tokens could lead to protocol insolvency

Tools Used

Recommendations

Instead of amount use amountScaled

uint256 amountToMint = amountScaled + balanceIncrease;
_mint(onBehalfOf, amountToMint.toUint128());
Updates

Lead Judging Commences

inallhonesty Lead Judge 7 months ago
Submission Judgement Published
Validated
Assigned finding tags:

DebtToken::mint miscalculates debt by applying interest twice, inflating borrow amounts and risking premature liquidations

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!