Redeemer#redeem for Sense slippage check is not adequete due to token decimal mismatch
Summary
Redeem uses a user specified adapter so it creates a balance check to confirm the honestly of the adapter being used in the redemption process. The problem is that sense token decimals don't match the underlying decimals making it impossible to to ever redeem USDC.
Vulnerability Detail
// Get the balance of tokens to be redeemed by the user
uint256 amount = token.balanceOf(cachedLender);
// Transfer the user's tokens to the redeem contract
Safe.transferFrom(token, cachedLender, address(this), amount);
// Get the starting balance to verify the amount received afterwards
uint256 starting = IERC20(u).balanceOf(address(this));
// Get the divider from the adapter
ISenseDivider divider = ISenseDivider(ISenseAdapter(a).divider());
// Redeem the tokens from the Sense contract
ISenseDivider(divider).redeem(a, s, amount);
// Get the compounding token that is redeemed by Sense
address compounding = ISenseAdapter(a).target();
// Redeem the compounding token back to the underlying
IConverter(converter).convert(
compounding,
u,
IERC20(compounding).balanceOf(address(this))
);
// Get the amount received
uint256 redeemed = IERC20(u).balanceOf(address(this)) - starting;
// Verify that underlying are received 1:1 - cannot trust the adapter
if (redeemed < amount) {
revert Exception(13, 0, 0, address(0), address(0));
}
Sense principal tokens for USDC is 8 decimals to match the decimals of the underlying cUSDC. The decimals of the ERC5095 vault matches the underlying of the vault. At the end it compares the relative balance change in the underlying and compares it to the amount of tokens redeemed. This mismatched decimals will make it impossible to redeem since Xe8 tokens (Sense decimals) were burned but only Xe6 (USDC decimals) tokens were received. It will always revert at that check causing the tokens to be nonredeemable.
Impact
USDC from Sense is impossible to redeem leading to loss of user funds
0x52
high
Redeemer#redeem for Sense slippage check is not adequete due to token decimal mismatch
Summary
Redeem uses a user specified adapter so it creates a balance check to confirm the honestly of the adapter being used in the redemption process. The problem is that sense token decimals don't match the underlying decimals making it impossible to to ever redeem USDC.
Vulnerability Detail
Sense principal tokens for USDC is 8 decimals to match the decimals of the underlying cUSDC. The decimals of the ERC5095 vault matches the underlying of the vault. At the end it compares the relative balance change in the underlying and compares it to the amount of tokens redeemed. This mismatched decimals will make it impossible to redeem since Xe8 tokens (Sense decimals) were burned but only Xe6 (USDC decimals) tokens were received. It will always revert at that check causing the tokens to be nonredeemable.
Impact
USDC from Sense is impossible to redeem leading to loss of user funds
Code Snippet
Redeemer.sol#L342-L398
Tool used
Manual Review
Recommendation
Decimals of Sense token should be queried and amount should be adjusted to match the decimals of the vault.
Duplicate of #228