Core Contracts

Summary

In LendingPool.sol, reserve asset depositors receive rTokens at a 1:1 ratio at deposit() function. These rTokens will accrue interest over time as mentioned in the documentation: [RToken](https://docs.raac.io/core/tokens/RToken)

However, when depositors withdraw their reserve assets, the burning of rTokens is also at 1:1 ratio. Depositors will not receive the accrued interest.

Vulnerability Details

Assume this scenario whereby Alice deposited 10,000 crvUSD and is minted 10,000 rTokens via LendingPool.deposit(). After 1 month, Alice calls LendingPool.withdraw()to withdraw 10,000 crvUSD.

1. Reserve state is updated via ReserveLibrary.updateReserveState()

2. Ensure sufficient liquidity available via _ensureLiquidity()

3. Perform the withdrawal via ReserveLibrary.withdraw(), passing amount= 10000e18

4. In ReserveLibrary.withdraw(), reserve interests updated via updateReserveInterests().

5. Now, Rtoken is burned via RToken.burn(). Let's focus on these lines in RToken.burn()function:

   _burn(from, amount.toUint128());

   ​

   if (receiverOfUnderlying != address(this)) {

   IERC20(_assetAddress).safeTransfer(receiverOfUnderlying, amount);

   }

   ​

   emit Burn(from, receiverOfUnderlying, amount, index);

   ​

   return (amount, totalSupply(), amount);

   }

6. Since amount passed = 10000e18, now in _burn(), 10,000 rTokens are burned.

7. 10,000 crvUSD is safeTransfer to Alice.

LOC

[burn()](https://github.com/Cyfrin/2025-02-raac/blob/89ccb062e2b175374d40d824263a4c0b601bcb7f/contracts/core/tokens/RToken.sol#L176-L180)

Impact

As seen above, the rTokens of Alice's are burned at 1:1 ratio, instead of burning AmountScaled, which is derived as amount.rayMul(index)in Rtoken.burn()function.

All depositors will not receive their accrued interest as promised, and will experience loss of expected yield.

Tools Used

Manual

Recommendations

1. Burn AmountScaled rTokens instead of amount.

2. Alternatively, instead of having user to pass the amount of reserve asset to withdraw, logic can be updated to instead pass amount of rTokens to be burned. Function instead can calculate and safeTransfer the expected crvUSD that has accrued interest.