Core Contracts

Summary

The calculateDustAmount function calculates the "dust" in the contract by comparing a contract balance that is scaled down using rayDiv with a total real balance that is scaled up using rayMul. This inconsistent scaling results in comparing values in different units, which may lead to an incorrect dust calculation.

Vulnerability Details

• Contract Balance Calculation:

  uint256 contractBalance = IERC20(_assetAddress).balanceOf(address(this)).rayDiv(ILendingPool(_reservePool).getNormalizedIncome());

  ​

  This scales down the balance using the normalized income.

• Total Real Balance Calculation:

  uint256 totalRealBalance = currentTotalSupply.rayMul(ILendingPool(_reservePool).getNormalizedIncome());

  ​

  This scales up the total supply using the same factor.

• Issue:
  The two values are being transformed in opposite directions, resulting in a comparison between a scaled-down contract balance and a scaled-up total real balance. This inconsistency may lead to over- or under-estimation of the dust amount.

Impact

• Incorrect Dust Calculation: The function may return a dust amount that does not accurately reflect the surplus underlying tokens.

• Financial Inconsistencies: Decisions based on the dust value (such as token donations or rebalancing) could be misinformed.

• Stakeholder Misguidance: Misrepresentation of the contract's surplus balance could impact trust and operational decisions.

Tools Used

• Manual code review

Recommendations

Standardize Scaling:

• Ensure that both the contract balance and total real balance are computed using the same scaling method. Either scale both values up or down so that they are directly comparable.