Rebasing tokens are not supported #87
Labels
2 (Med Risk): Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug: Something isn't working
duplicate-263
satisfactory: satisfies C4 submission criteria; eligible for awards
Lines of code
https://github.com/code-423n4/2023-01-numoen/blob/main/src/core/Lendgine.sol#L144
https://github.com/code-423n4/2023-01-numoen/blob/main/src/core/libraries/Position.sol#L51
Vulnerability details
Impact
Rebasing tokens are not supported. Pool can be insolvent.
Proof of Concept
When a depositor accrues interest, his tokensOwed amount is updated inside the Position.update function.
https://github.com/code-423n4/2023-01-numoen/blob/main/src/core/libraries/Position.sol#L38-L65
As you can see, interest is accrued as newTokensOwed and saved as the collateral token value that should be paid to the user. Later he can call Lendgine.collect in order to receive the interest.
https://github.com/code-423n4/2023-01-numoen/blob/main/src/core/Lendgine.sol#L194-L206
When a rebasing token is used as collateral, this approach will not work: at the moment tokensOwed was increased by value X of the rebasing token, this value can become Y < X by the time the user calls collect. As a result he will receive more tokens from the pool than he should. If the token increased in price, then the user will receive fewer tokens as interest.
Tools Used
VsCode
Recommended Mitigation Steps
I believe that the factory should have a list of whitelisted tokens that can be used by the protocol. Currently any token can be used.
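
A simplified Python model of the accounting problem described in this report, added as an illustration; it is not Numoen's code and not part of the original submission. `RebasingToken`, `Pool` and `simulate` are hypothetical names, and the balances (a pool holding 100, with 60 and 40 owed) are constructed sample values.

```python
from fractions import Fraction

class RebasingToken:
    """Constructed rebasing token: balance = shares * global index."""
    def __init__(self):
        self.index = Fraction(1)
        self.shares = {}
    def balance_of(self, who):
        return self.shares.get(who, Fraction(0)) * self.index
    def mint(self, who, amount):
        self.shares[who] = self.shares.get(who, Fraction(0)) + amount / self.index
    def transfer(self, src, dst, amount):
        if self.balance_of(src) < amount:
            raise ValueError("insufficient balance")  # stands in for a revert
        self.shares[src] -= amount / self.index
        self.shares[dst] = self.shares.get(dst, Fraction(0)) + amount / self.index
    def rebase(self, num, den):
        self.index *= Fraction(num, den)  # every holder's balance scales at once

class Pool:
    """Tracks interest owed as a fixed nominal amount, as the report describes."""
    def __init__(self, token):
        self.token = token
        self.tokens_owed = {}
    def accrue(self, user, amount):
        self.tokens_owed[user] = self.tokens_owed.get(user, 0) + amount
    def collect(self, user):
        amount = self.tokens_owed.get(user, 0)
        self.token.transfer("pool", user, amount)  # fails if the pool is short
        self.tokens_owed[user] = 0
        return amount

def simulate(num, den):
    """Accrue 60 + 40 against a pool holding 100, rebase by num/den, then collect."""
    token = RebasingToken()
    token.mint("pool", 100)
    pool = Pool(token)
    pool.accrue("alice", 60)
    pool.accrue("bob", 40)
    token.rebase(num, den)
    paid = {}
    for user in ("alice", "bob"):
        try:
            paid[user] = pool.collect(user)
        except ValueError:
            paid[user] = None  # pool cannot honour the recorded amount
    return paid, token.balance_of("pool")
```

With a 10% negative rebase (`simulate(9, 10)`) the first collector is paid the full recorded 60 and the pool cannot cover the second; with a 10% positive rebase (`simulate(11, 10)`) both are paid the recorded amounts and 10 tokens stay behind in the pool.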