Inconsistency Between Burn Amount and Emitted Event
Description
The DebtToken contract's burn function burns the non-scaled amount but emits an event with the scaled amount, leading to inconsistency between the actual state change and the emitted event. This makes it difficult for off-chain monitoring systems and users to track the correct burned amounts.
Affected code
https://github.com/Cyfrin/2025-02-raac/blob/89ccb062e2b175374d40d824263a4c0b601bcb7f/contracts/core/tokens/DebtToken.sol#L170-L215
Vulnerability details
The issue arises from:
Burning the raw amount:
_burn(from, amount.toUint128())But emitting the scaled amount:
emit Burn(from, amountScaled, index)This inconsistency makes it impossible for observers to accurately track burning events
Impact:
Incorrect data in event logs
Difficulty in tracking actual burned amounts
Potential issues with off-chain monitoring systems
Tools Used
Manual Review
Recommended Mitigation Steps
Align the burned amount with the emitted event by either:
Option 1 - Burn scaled amount:
Option 2 - Emit non-scaled amount:
Lead Judging Commences
DebtToken::burn emits Burn event with scaled amount instead of raw amount, contradicting documentation and causing incorrect off-chain data
DebtToken::burn emits Burn event with scaled amount instead of raw amount, contradicting documentation and causing incorrect off-chain data
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.