Submission Details
Severity:
Wrong amount for Burn event in DebtToken::burn function
Vunerability Details
As it can be seen in DebtToken.sol, the event Burn is defined as:
File: contracts/core/tokens/DebtToken.sol#L63-L69
/**
* @notice Emitted when debt tokens are burned
* @param from The address from which tokens are burned
* @param amount The amount burned (in underlying asset units)
* @param index The usage index at the time of burning
*/
event Burn(address indexed from, uint256 amount, uint256 index);
However, in the DebtToken::burn function, the second argument is amountScaled instead of `amount.
File: contracts/core/tokens/DebtToken.sol#L211
emit Burn(from, amountScaled, index);
Impact
Off-chain listeners may use/display incorrect values and potentially mislead users.
Especially as the usage index of reserve is emitted allong with the amount, which suggests that the listener could use them to calculate the scaled amount the borrower paid to burn his debt tokens.
Tools used
Manual review.
Recommendations
Use amount instead of amountScaled.
File: contracts/core/tokens/DebtToken.sol#L211
- emit Burn(from, amountScaled, index);
+ emit Burn(from, amount, index);
}
Updates
Lead Judging Commences
inallhonesty 6 months ago
Submission Judgement Published Assigned finding tags:
DebtToken::burn emits Burn event with scaled amount instead of raw amount, contradicting documentation and causing incorrect off-chain data
inallhonesty 6 months ago
Submission Judgement Published Assigned finding tags:
DebtToken::burn emits Burn event with scaled amount instead of raw amount, contradicting documentation and causing incorrect off-chain data
Prize pool breakdown
Total prize
77,280 USDC
nSLOC
3,86420 USDC / LOC
74,000
3,280
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.