Over minting in mint Function of DebtToken.sol
Summary
The mint function in DebtToken.sol is responsible for minting DebtTokens when a user borrows funds from the protocol. However, the function incorrectly adds balanceIncrease to the amount, resulting in over minting. This leads to users receiving more DebtTokens than they actually should, increasing their debt and forcing them to pay excessive interest.
Vulnerability Details
Issue in the Code
amountToMint includes balanceIncrease, which represents accrued interest rather than the actual borrowed amount.
This leads to users owing more than they borrowed, leading to excessive debt accumulation.
Incorrect Minting
The function mints amountToMint instead of just amount, inflating the user’s debt.
Borrowers pay more interest than necessary.
Impact
Users are unfairly charged excessive interest.
Borrowers are discouraged from using the protocol, leading to a loss of users and liquidity for the protocol.
Tools Used
manual review
Recommendations
Remove the lines containing the logic for balanceIncrease and amountToMint.
In the _mint() function mint amount instead of amountToMint.
Lead Judging Commences
DebtToken::mint miscalculates debt by applying interest twice, inflating borrow amounts and risking premature liquidations
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.