The depositRAACFromPool function in the StabilityPool contract fails when the raacToken (implemented by RAACToken) applies swap and burn taxes during transfers, unless specific exemptions are met. This failure occurs because the function expects the full requested amount to be received, but taxes reduce the transferred amount, causing a balance check to fail. The issue persists if neither the liquidity pool nor the stability pool is whitelisted, fee collection is enabled, and tax rates are non-zero.
Affected Function: depositRAACFromPool
in StabilityPool
Snippet
The RAACToken contract’s _update function applies taxes (swapTaxRate + burnTaxRate) on transfers, reducing the amount received by the stability pool to amount - totalTax. The strict balance check (postBalance != preBalance + amount) assumes no deductions, failing when taxes are applied.
Conditions for Failure:
whitelistAddress[msg.sender] (liquidity pool) and whitelistAddress[address(this)] (stability pool) are both false.
feeCollector is not address(0).
swapTaxRate + burnTaxRate > 0.
Trigger: Non-whitelisted transfers with active tax rates.
The function reverts, preventing the liquidity pool from depositing raacToken into the stability pool. This blocks reward distribution to managers or depositors, disrupting the stability pool’s reward mechanism.
in the constructor itself, make sure you whitelist important addresses
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.