Cyfrin / 2023-07-foundry-defi-stablecoin


Fee-on-transfer tokens draining #1106

Open codehawks-bot opened 1 year ago

codehawks-bot commented 1 year ago

Fee-on-transfer tokens draining

Severity

Medium Risk

Summary

Fee-on-transfer tokens can drain the whole deposited amount of that collateral.

Vulnerability Details

The depositCollateral() function adds the input amount to s_collateralDeposited, not the value the contract actually received. If the collateral token is a fee-on-transfer token, the contract receives less than the input amount but still credits the user with the full input. When redeemCollateral() is later called, it transfers back the credited (input) amount rather than the amount the user really deposited, so it pays out not only this user's tokens but also other users' tokens.

Impact

Loss of all fee-on-transfer tokens held as collateral.

Tools Used

Manually

Recommendations

Update s_collateralDeposited with the amount actually received (balance after the transfer minus balance before), not the input amount.
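The following is an added example, written for this issue and not code from the audited repository. It shows the accounting bug described above beside the recommended fix, together with a Foundry test that reproduces the drain. The function names depositCollateral(), redeemCollateral() and the s_collateralDeposited mapping come from the finding; the FeeOnTransferMock token, the two minimal engine contracts, the ICollateralEngine interface and the OpenZeppelin/forge-std imports are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import {Test} from "forge-std/Test.sol";

/// Constructed mock (not the project's code): burns a 1% fee on every
/// transfer, so the receiver always gets less than `amount`.
contract FeeOnTransferMock is ERC20 {
    uint256 public constant FEE_BPS = 100; // 1%

    constructor() ERC20("FeeToken", "FEE") {}

    function mint(address to, uint256 amount) external { _mint(to, amount); }

    function transfer(address to, uint256 amount) public override returns (bool) {
        uint256 fee = (amount * FEE_BPS) / 10_000;
        _burn(msg.sender, fee);
        _transfer(msg.sender, to, amount - fee);
        return true;
    }

    function transferFrom(address from, address to, uint256 amount) public override returns (bool) {
        _spendAllowance(from, msg.sender, amount);
        uint256 fee = (amount * FEE_BPS) / 10_000;
        _burn(from, fee);
        _transfer(from, to, amount - fee);
        return true;
    }
}

/// Hypothetical shared interface so the test can drive both engines.
interface ICollateralEngine {
    function depositCollateral(address token, uint256 amount) external;
    function redeemCollateral(address token, uint256 amount) external;
}

/// Shape of the bug in the finding: credits the caller with the requested
/// amount, regardless of how many tokens actually arrived.
contract EngineVulnerable is ICollateralEngine {
    mapping(address => mapping(address => uint256)) public s_collateralDeposited;

    function depositCollateral(address token, uint256 amount) external {
        s_collateralDeposited[msg.sender][token] += amount; // BUG: trusts `amount`
        require(IERC20(token).transferFrom(msg.sender, address(this), amount), "transfer failed");
    }

    function redeemCollateral(address token, uint256 amount) external {
        s_collateralDeposited[msg.sender][token] -= amount; // 0.8 checked math reverts on underflow
        require(IERC20(token).transfer(msg.sender, amount), "transfer failed");
    }
}

/// Recommended fix: credit only the balance delta the contract observed.
contract EngineFixed is ICollateralEngine {
    mapping(address => mapping(address => uint256)) public s_collateralDeposited;

    function depositCollateral(address token, uint256 amount) external {
        uint256 balanceBefore = IERC20(token).balanceOf(address(this));
        require(IERC20(token).transferFrom(msg.sender, address(this), amount), "transfer failed");
        uint256 received = IERC20(token).balanceOf(address(this)) - balanceBefore;
        s_collateralDeposited[msg.sender][token] += received; // what really arrived
    }

    function redeemCollateral(address token, uint256 amount) external {
        s_collateralDeposited[msg.sender][token] -= amount;
        require(IERC20(token).transfer(msg.sender, amount), "transfer failed");
    }
}

/// Foundry test reproducing the drain and checking the fix.
contract FeeOnTransferAccountingTest is Test {
    FeeOnTransferMock token;
    address alice = makeAddr("alice");
    address bob = makeAddr("bob");

    function setUp() public {
        token = new FeeOnTransferMock();
        token.mint(alice, 100e18);
        token.mint(bob, 100e18);
    }

    function _deposit(ICollateralEngine engine, address user) internal {
        vm.startPrank(user);
        token.approve(address(engine), 100e18);
        engine.depositCollateral(address(token), 100e18);
        vm.stopPrank();
    }

    function test_vulnerableEngineLetsFirstRedeemerTakeOthersTokens() public {
        EngineVulnerable engine = new EngineVulnerable();
        _deposit(engine, alice);
        _deposit(engine, bob);
        assertEq(token.balanceOf(address(engine)), 198e18); // 1% burned on each deposit

        vm.prank(alice);
        engine.redeemCollateral(address(token), 100e18); // paid with 2e18 of bob's tokens
        vm.prank(bob);
        vm.expectRevert();
        engine.redeemCollateral(address(token), 100e18); // only 98e18 left: bob cannot exit
    }

    function test_fixedEngineCreditsOnlyWhatArrived() public {
        EngineFixed engine = new EngineFixed();
        _deposit(engine, alice);
        assertEq(engine.s_collateralDeposited(alice, address(token)), 99e18);
    }
}
```

Run with `forge test` in a project that has OpenZeppelin and forge-std installed. The fixed engine reads the token balance before and after the pull and credits the difference, which is the pattern the recommendation describes; it also makes the deposit path robust to any other token that returns less than requested, at the cost of two extra balanceOf() calls.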