Core Contracts

Summary

The redeem and redeemAll functions in ZENO contract contains a critical vulnerability. The redemption process transfers back only the number of ZENO tokens being burned, without accounting for their current price in USDC. This flaw results in users receiving fewer USDC tokens than the actual value of the ZENO tokens they redeem, leading to potential financial losses.

Vulnerability Details

In the buy function of Auction.sol, users purchase ZENO tokens at a price determined by the getPrice function, paying the equivalent amount in USDC. However, during redemption in the redeem and redeemAll functions of ZENO.sol , the contract returns USDC tokens equal only to the number of ZENO tokens burned, disregarding the price at which they were initially purchased.

• buy

• redeem

• redeemAll

• For instance, if a user bought 4 ZENO tokens at a price of 5 USDC each (totaling 20 USDC), upon redemption, they would receive only 4 USDC instead of the 20 USDC they originally spent.

• This discrepancy arises because the redemption logic does not factor in the token's price, leading to underpayment.

Impact

Users redeeming their ZENO tokens will receive less USDC than the amount they initially paid, resulting in financial losses. This flaw undermines user trust and can deter participation in the token ecosystem, as the redemption process does not honor the token's true value.

Tools Used

Manual Review .

Recommendations

To rectify this issue, modify the redeem and redeemAll functions to calculate the correct amount of USDC to return based on the current price of ZENO tokens. This ensures that users receive an amount of USDC equivalent to the value of the ZENO tokens they are redeeming.