In autoRedeem(), allowance is checked. But after the execution, it is not updated. The result could be unexpected burning of user's PT balance in the future and lead to unforeseeable loss.
Vulnerability Detail
Imagine the following:
At the beginning, Alice has allowance of 1000 and balance of 2000 PT. Her plan was to let the autoRedeem() run for 1000 PT, but after that, do the redeem() manually for the rest.
someone calls autoRedeem() for Alice, the 1000 PT balance is burned. However the allowance is still 1000.
some other user calls autoRedeem() again. The function will be executed, and the rest 1000 balance of PT will also be burned. Totally break Alice's plan.
The impact on Alice could be hard to anticipate. Since Alice could have used the remaining balance of PT in other placed. And the other protocol's action might depend on the balance of Alice. It could happen that her account on other contracts got liquidated due to lack of balance. Or some chained transaction failed because of the lack of liquidity here.
Impact
autoRedeem() could be duplicated called
user's PT balance could be mistakenly burned and incur unexpected loss
Code Snippet
The allowance is not updated in the autoRedeem() function, only checked at the beginning.
141345
high
autoRedeem()should update allowance afterwardsSummary
In
autoRedeem(), allowance is checked. But after the execution, it is not updated. The result could be unexpected burning of user's PT balance in the future and lead to unforeseeable loss.Vulnerability Detail
Imagine the following:
autoRedeem()run for 1000 PT, but after that, do theredeem()manually for the rest.autoRedeem()for Alice, the 1000 PT balance is burned. However the allowance is still 1000.autoRedeem()again. The function will be executed, and the rest 1000 balance of PT will also be burned. Totally break Alice's plan.The impact on Alice could be hard to anticipate. Since Alice could have used the remaining balance of PT in other placed. And the other protocol's action might depend on the balance of Alice. It could happen that her account on other contracts got liquidated due to lack of balance. Or some chained transaction failed because of the lack of liquidity here.
Impact
autoRedeem()could be duplicated calledCode Snippet
The allowance is not updated in the
autoRedeem()function, only checked at the beginning.https://github.com/sherlock-audit/2022-10-illuminate/blob/main/src/Redeemer.sol#L511-L541
Tool used
Manual Review
Recommendation
Update the allowance in the
autoRedeem()function after redeem underlying.Duplicate of #73