Core Contracts

Regnum Aurum Acquisition Corp

HardhatReal World AssetsNFT

77,280 USDC

View results

Previous Next

Submission Details

Severity: low

Invalid

Users incur more gas when they deposit into the StabilityPool contract

iamephraim

Summary

Users incur more gas fee to pay for when they call deposit function. This is due to the double call to the tick function from the RAACMinter when users intend to deposit their RToken into their StabilityPool contract.

Vulnerability Details

Observe that when deposit is called by a user, it calls update and mintRAACRewards functions to mint RAAC rewards into the StabilityPool contract.

function deposit(uint256 amount) external nonReentrant whenNotPaused validAmount(amount) {

_update();

rToken.safeTransferFrom(msg.sender, address(this), amount);

uint256 deCRVUSDAmount = calculateDeCRVUSDAmount(amount);

deToken.mint(msg.sender, deCRVUSDAmount);

userDeposits[msg.sender] += amount;

_mintRAACRewards();

emit Deposit(msg.sender, amount, deCRVUSDAmount);

}

The update and the mintRAACRewards function:

function _update() internal {

_mintRAACRewards();

}

function _mintRAACRewards() internal {

if (address(raacMinter) != address(0)) {

raacMinter.tick();

}

On tracing how tick works on the RAACMinter:

function tick() external nonReentrant whenNotPaused {

if (emissionUpdateInterval == 0 || block.timestamp >= lastEmissionUpdateTimestamp + emissionUpdateInterval) {

updateEmissionRate();

}

uint256 currentBlock = block.number;

uint256 blocksSinceLastUpdate = currentBlock - lastUpdateBlock;

if (blocksSinceLastUpdate > 0) {

uint256 amountToMint = emissionRate * blocksSinceLastUpdate;

if (amountToMint > 0) {

excessTokens += amountToMint;

lastUpdateBlock = currentBlock;

raacToken.mint(address(stabilityPool), amountToMint);

emit RAACMinted(amountToMint);

}

If all deposit happens before the emissionUpdateInterval, it skips the first if condition, get the difference in block since last update. If greater than zero, and the amountToMint is non-zero, it mints raacToken to stabilityPool contract.

The second call to tick from all deposit gets the blockSinceLadtUpdate but since this will be zero, it skips the rest of the function doing nothing. Users pay more gas for interacting with the StabilityPool:deposit function.

Impact

Incurs more gas for depositing RTokens into the StabilityPool.

Tools Used

Manual review.

Recommendations

Notice how this is only present in the deposit function. withdraw and liquidateBorrower only calls _update function for a single tick.

Updates

Lead Judging Commences

inallhonesty Lead Judge 3 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Prize pool breakdown

Total prize

77,280 USDC

nSLOC

3,864

20 USDC / LOC

High Medium

74,000

Low

3,280

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.