hats-finance / Circles-0x6ca9ca24d78af44582951825bef9eadcb210e5cf

Circles Protocol contracts
https://aboutcircles.com
GNU Affero General Public License v3.0

Incorrect Collateral-to-Share Ratio Leads to Loss of Collateral for Group Owners #64

Open hats-bug-reporter[bot] opened 1 week ago

hats-bug-reporter[bot] commented 1 week ago

GitHub username: @0xmahdirostami
Twitter username: 0xmahdirostami
Submission hash (on-chain): 0xa5a37608a06a87c7ac8637edd5e80047d9542e176aacc6bb235107ce74177835
Severity: high

Description:

The current implementation assumes a 1:1 ratio between collateral and group shares. However, due to the group minting fewer shares than the collateral, this assumption is incorrect. As a result, group owners are unable to reclaim the full amount of their collateral when burning their shares.

Impact

Group owners may experience a loss of collateral, as they cannot fully recover their initial investment due to the discrepancy between minted shares and the collateral ratio.

Code Snippets

https://github.com/hats-finance/Circles-0x6ca9ca24d78af44582951825bef9eadcb210e5cf/blob/507e18587b8a0b64a4bb21db01ecf876dc607e47/src/treasury/StandardTreasury.sol#L221-L224

https://github.com/hats-finance/Circles-0x6ca9ca24d78af44582951825bef9eadcb210e5cf/blob/507e18587b8a0b64a4bb21db01ecf876dc607e47/src/treasury/StandardVault.sol#L69-L81

0xmahdirostami commented 1 week ago

Invalid issue; demurrage is applied in time.

benjaminbollen commented 1 week ago

Thank you for your report on the potential incorrect collateral-to-share ratio for group owners. After review, we've determined this is not an issue.

As the report creator noted, the initial concern was based on a misunderstanding of the code. The demurrage mechanism is correctly applied over time, and there is no loss of collateral for group owners due to an incorrect ratio.

We appreciate your thorough examination of our collateral management system. Your willingness to review and correct misunderstandings contributes to the accuracy of our security review process. Thank you for your diligence in this matter.