Cyfrin / 2023-07-foundry-defi-stablecoin


Unaccounted Transfer Fees in depositCollateral Function #1130

Open codehawks-bot opened 1 year ago

codehawks-bot commented 1 year ago

Unaccounted Transfer Fees in depositCollateral Function

Severity

Medium Risk

Relevant GitHub Links

https://github.com/Cyfrin/2023-07-foundry-defi-stablecoin/blob/main/src/DSCEngine.sol#L149-L161

Summary

Some tokens, like [USDC, USDT and others], will take fees on transfer in the future, so amountCollateral - tokenFee should be taken into consideration, since amountCollateral won't be the same as the real amount deposited.

Vulnerability Details

The function depositCollateral doesn't account for potential transfer fees, leading to discrepancies between the expected and actual deposited amount.

Impact

Incorrect collateral tracking, potential financial inaccuracies or losses.

Tools Used

Manual review

Recommendations

Implement a mechanism to account for potential transfer fees in the deposited collateral calculation. Something like: when the real value is needed, just call tokenCollateralAddress.balanceOf(msg.sender).
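
One way to account for transfer fees at deposit time, shown as an added example that is not part of the original report or the project's code: credit the difference in the contract's own token balance before and after the transfer. The contract name, storage mapping, errors and event are hypothetical, and the sketch assumes the token returns a bool from transferFrom.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

// Minimal ERC-20 surface used below (standard signatures).
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

/// Hypothetical vault (not the project's DSCEngine) showing balance-delta accounting.
contract FeeAwareCollateralVault {
    error TransferFailed();
    error NothingReceived();

    // user => token => amount that actually arrived (hypothetical storage name)
    mapping(address => mapping(address => uint256)) public collateralReceived;
    bool private locked;

    event CollateralDeposited(address indexed user, address indexed token, uint256 requested, uint256 received);

    // The before/after measurement is only sound if no nested call can move
    // tokens into this contract while the deposit is in progress.
    modifier nonReentrant() {
        require(!locked, "reentrant call");
        locked = true;
        _;
        locked = false;
    }

    function depositCollateral(address tokenCollateralAddress, uint256 amountCollateral)
        external
        nonReentrant
        returns (uint256 received)
    {
        IERC20 token = IERC20(tokenCollateralAddress);
        uint256 balanceBefore = token.balanceOf(address(this));
        // Assumption: the token returns a bool; tokens that return nothing
        // need a safe-transfer wrapper instead of this direct call.
        if (!token.transferFrom(msg.sender, address(this), amountCollateral)) revert TransferFailed();
        // Credit what arrived: amountCollateral minus any fee taken in transit.
        received = token.balanceOf(address(this)) - balanceBefore;
        if (received == 0) revert NothingReceived();
        collateralReceived[msg.sender][tokenCollateralAddress] += received;
        emit CollateralDeposited(msg.sender, tokenCollateralAddress, amountCollateral, received);
    }
}
```

Health-factor and redemption logic would then read the credited amount rather than the requested amountCollateral, so the ledger never exceeds the tokens the contract holds.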