c4-judge
commented
1 year ago Picodes marked the issue as satisfactory
Open code423n4 opened 1 year ago
c4-judge
commented
1 year ago Picodes marked the issue as satisfactory
Lines of code
Vulnerability details
Issue was mitigated
About the problem
This issue explains that in case of undercollateralization, vault's exchange rate will not be increased as it's never can be bigger than
_lastRecordedExchangeRate. So even if users will continue depositing and additional yields will be accrued, then exchange rate will not be increased.Solution
Pool together team has changed Vault a lot. Now, there is no any exchange rate in the contract. In case if Vault is collateralized, then shares are exchanged as 1:1 with assets, and in case of undercollateralization, rate depends on amount of assets in the underlying vault. Also, it's not possible to deposit into the vault, when it's not collateralized.