Cyfrin / 2023-07-foundry-defi-stablecoin


Lack of DSC Mint Check in redeemCollateral Function #1128

Closed codehawks-bot closed 1 year ago

codehawks-bot commented 1 year ago

Lack of DSC Mint Check in redeemCollateral Function

Severity

Medium Risk

Relevant GitHub Links

https://github.com/Cyfrin/2023-07-foundry-defi-stablecoin/blob/main/src/DSCEngine.sol#L183-L190.

Summary

The DSCEngine contract contains a vulnerability due to the lack of a DSC (Decentralized StableCoin) mint check in the redeemCollateral function. The NatSpec indicates that users should not be able to redeem collateral until they burn their DSC. However, the function does not include the necessary check, allowing users to withdraw collateral without adhering to the intended restrictions.

Vulnerability Details

The issue arises in the redeemCollateral function, where users can redeem collateral without validating if they have DSC minted. The current implementation lacks a require statement to enforce the NatSpec's intended behavior.

```solidity
function redeemCollateral(address tokenCollateralAddress, uint256 amountCollateral)
    public
    moreThanZero(amountCollateral)
    nonReentrant
{
    _redeemCollateral(msg.sender, msg.sender, tokenCollateralAddress, amountCollateral);
    _revertIfHealthFactorIsBroken(msg.sender);
}
```

Impact

The vulnerability can potentially lead to a discrepancy in the recorded collateral balance and the actual collateral value. Users could exploit this issue to withdraw collateral without burning their DSC, resulting in a loss of funds or undermining the stability and integrity of the system.

Tools Used

manual

Recommendations

It is highly recommended to add a require statement in the redeemCollateral function to verify if the user has any DSC minted before proceeding with collateral redemption. If the user has DSC minted, the function should revert with an appropriate error message, enforcing the NatSpec's intended behavior.

```solidity
function redeemCollateral(address tokenCollateralAddress, uint256 amountCollateral)
    public
    moreThanZero(amountCollateral)
    nonReentrant
{
    require(s_DSCMinted[msg.sender] == 0, "Cannot redeem collateral with DSC minted.");
    _redeemCollateral(msg.sender, msg.sender, tokenCollateralAddress, amountCollateral);
    _revertIfHealthFactorIsBroken(msg.sender);
}
```
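
The two guard shapes discussed in the report, side by side, as an added example that is not part of the original report or the project's code. It is a simplified single-collateral model; `RedeemGuardModel`, `collateralUsd`, `deposit`, `mint`, `burn`, `redeemCollateralStrict`, the USD-denominated collateral and the 200% ratio are all assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added illustration: a simplified stand-in, NOT the project's DSCEngine.
// Assumptions (not from the page): a single collateral type already valued
// in USD, and a health rule requiring collateral >= 200% of minted DSC.
contract RedeemGuardModel {
    error BreaksHealthFactor();

    uint256 private constant MIN_COLLATERAL_RATIO_PERCENT = 200; // assumed value

    mapping(address => uint256) public collateralUsd; // hypothetical accounting
    mapping(address => uint256) public s_DSCMinted;

    function deposit(uint256 usd) external {
        collateralUsd[msg.sender] += usd;
    }

    function mint(uint256 dsc) external {
        s_DSCMinted[msg.sender] += dsc;
        _revertIfHealthFactorIsBroken(msg.sender);
    }

    function burn(uint256 dsc) external {
        s_DSCMinted[msg.sender] -= dsc; // reverts on underflow in 0.8.x
    }

    // Shape of the function quoted in the report: redeem first, then re-check
    // the caller's position; the whole call reverts if the check fails.
    function redeemCollateral(uint256 usd) external {
        collateralUsd[msg.sender] -= usd;
        _revertIfHealthFactorIsBroken(msg.sender);
    }

    // Shape of the report's recommendation: refuse while any DSC is outstanding.
    function redeemCollateralStrict(uint256 usd) external {
        require(s_DSCMinted[msg.sender] == 0, "Cannot redeem collateral with DSC minted.");
        collateralUsd[msg.sender] -= usd;
        _revertIfHealthFactorIsBroken(msg.sender);
    }

    // Assumed health rule: collateral * 100 >= minted * 200.
    function _revertIfHealthFactorIsBroken(address user) internal view {
        if (collateralUsd[user] * 100 < s_DSCMinted[user] * MIN_COLLATERAL_RATIO_PERCENT) {
            revert BreaksHealthFactor();
        }
    }
}
```

In this model, after `deposit(1000)` and `mint(100)`, `redeemCollateral(700)` succeeds and `redeemCollateral(900)` reverts with `BreaksHealthFactor`, while `redeemCollateralStrict` reverts for any amount until `burn(100)` clears the minted balance.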