The previous implementation of the _currentExchangeRate method had an edge case where if 0 assets were withdrawable from the yield vault then the exchange rate would be 1:1 and therefore the vault would be considered collateralised despite having no collateral available to withdraw.
Mitigation
The mitigation addresses the original issue in a broad way by replacing the exchange rate function with a collateral function. When the vault is collateralised, shares are exchanged for assets 1:1, but when the vault is undercollateralised then the user will receive a portion of the remaining collateral based on the number of shares that they hold/redeem. The previewWithdraw and previewRedeem methods are also correct in the final implementation. The original issue has been resolved.
Lines of code
Vulnerability details
Comments
The previous implementation of the _currentExchangeRate method had an edge case where if 0 assets were withdrawable from the yield vault then the exchange rate would be 1:1 and therefore the vault would be considered collateralised despite having no collateral available to withdraw.
Mitigation
The mitigation addresses the original issue in a broad way by replacing the exchange rate function with a collateral function. When the vault is collateralised, shares are exchanged for assets 1:1, but when the vault is undercollateralised then the user will receive a portion of the remaining collateral based on the number of shares that they hold/redeem. The
previewWithdraw
andpreviewRedeem
methods are also correct in the final implementation. The original issue has been resolved.Conclusion
LGTM
Assessed type
Other