Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: high
Valid

Incorrect Debt Token Minting Amount Due to Unscaled Value Addition

DRUGstore

Summary

Vulnerability Details

In the DebtToken's mint function, there is a critical error in calculating amountToMint. The function incorrectly adds the raw amount with balanceIncrease

the mint() function contains following lines of code

uint256 amountToMint = amount + balanceIncrease; // Incorrect, amount is not scaled.
_mint(onBehalfOf, amountToMint.toUint128());

  1. amount is the raw, unscaled input amount

  2. balanceIncrease is already scaled according to the index

  3. Adding these mismatched values leads to incorrect debt token minting

Impact

  • Incorrect Debt Accounting: Users will receive excessive amounts of debt tokens due to mixing scaled and unscaled values, as unscaled amountis way higher than amountScaled.

  • Protocol Insolvency Risk: The mismatch between actual debt and minted tokens could lead to protocol insolvency

Tools Used

Recommendations

Instead of amount use amountScaled

uint256 amountToMint = amountScaled + balanceIncrease;
_mint(onBehalfOf, amountToMint.toUint128());
Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Validated
Assigned finding tags:

DebtToken::mint miscalculates debt by applying interest twice, inflating borrow amounts and risking premature liquidations

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.