Handle
cmichel
Vulnerability details
When depositors want their funds back and there are not enough funds in the vault or the strategy, the aUST in the BaseStrategy needs to be redeemed. This redemption process is asynchronous due to the nature of EthAnchor and requires an admin to redeem the aUST back to UST. It can only be started by the restricted initRedeemStable function.
Impact
If the admins don't redeem the aUST, users cannot get back their investment and lose funds.
Recommended Mitigation Steps
The users should not have to rely on admins to get their funds back.