Incorrect amount burned in DebtToken Contract leads to token accounting discrepancy
Summary
In the DebtToken contract's burn() function, the wrong amount is being burned. The function burns the nominal amount instead of the scaled amount, which breaks the token's accounting system and can lead to incorrect debt tracking.
Vulnerability Details
The DebtToken contract follows a scaled balance model similar to Aave's variable debt tokens, where:
The actual token balances are scaled relative to a usage index that increases over time to represent accumulated interest
Internal accounting uses scaled amounts while external-facing values show the actual debt amounts
The issue is that the function burns the nominal amount instead of the amountScaled. This is incorrect because:
The internal balance accounting of DebtToken works with scaled balances
The
_burn()function affects these internal scaled balancesBy burning the nominal amount instead of scaled amount, we're burning too many tokens
To understand why this is wrong, consider how the scaling works:
Actual Debt = Scaled Balance * Current Index
Scaled Balance = Actual Debt / Current Index
When burning debt tokens:
We receive the actual debt amount to burn
We must convert it to scaled amount (done correctly with
amountScaled = amount.rayDiv(index))We should burn this scaled amount to maintain correct accounting
The current implementation burns the actual amount, which is much larger than the scaled amount (since index is generally > 1 RAY), leading to:
Incorrect debt accounting
Users having less debt than they should
Potential system-wide accounting mismatches
This is further complicated by the contract returning the correct amountScaled in the return values, while actually burning a different amount, which can confuse integrating systems.
PoC
User A borrows 100 tokens (index = 2 * RAY)
The scaled amount would be 50 (100 / 2)
User A tries to repay 60 tokens
The contract calculates scaled amount as 30 (60 / 2)
But burns 60 tokens from the scaled balance instead of 30
User A's debt is reduced more than it should be
Impact
Incorrect debt accounting across the lending protocol
Users can have their debt reduced more than intended
Protocol's total debt calculations become inaccurate
Potential economic loss for the protocol due to debt undervaluation
Tools Used
Manual review
Recommendations
Change the burn function to use the scaled amount:
Lead Judging Commences
DebtToken::burn incorrectly burns amount (asset units) instead of amountScaled (token units), breaking token economics and interest-accrual mechanism
DebtToken::burn incorrectly burns amount (asset units) instead of amountScaled (token units), breaking token economics and interest-accrual mechanism
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.