Last updated
Was this helpful?
Submitted on Wed Jul 24 2024 08:13:31 GMT-0400 (Atlantic Standard Time) by @nnez for
Report ID: #33596
Report type: Smart Contract
Report severity: Low
Target: https://testnet.snowtrace.io/address/0x96e957bF63B5361C5A2F45C97C46B8090f2745C2
Impacts:
Contract fails to deliver promised returns, but doesn't lose value
Users can choose to repay their debt with the same type of collateral in their loan by calling repayWithCollateral function in SpokeCommon endpoint.
At almost the end of the execution flow, the final accounting is done in the following function:
A rounding issue occurs in the updateWithRepayWithCollateral function. If principalPaid + interestPaid equals 1 wei, the toFAmount function rounds down to zero.
The problem arises because repayWithCollateralPoolParams.fAmount is used to reduce the user's collateral amount used in repayment. This leads to a situation where the debt is repaid, the token amount is deducted from the HubPool (from depositData.totalAmount) but the corresponding collateral is not deducted.
Although the accounting error is in a dust amount, I believe this is a technically valid bug and should be fixed to ensure the correctness of the accounting in the HubPool.
Accounting error on the totalAmount in HubPool
A test file in the secret gist does the following:
Deposit USDC, then borrow USDC.
RepayWithCollateral with amount=1 wei.
Show that debt is repaid for 1 wei, but collateral balance is not deducted.
Steps
Run forge init --no-commit --no-git --vscode.
Create a new test file, FolksRounding.t.sol in test directory.
Put the test from secret gist in the file: https://gist.github.com/nnez/cfe1bc405bcf307a1fa36e24f0dc9736
Run forge t --match-contract FolksRoundingTest -vv
Observe that debt is repaid for 1 wei, but collateral balance is not deducted.
