In maxWithdraw(), the query for the PT balance for pre maturity is wrong, could potentially lead to fund leak of the whole token contract, and result in insolvency.
Vulnerability Detail
For pre maturity, the maxWithdraw() was expected to return a previewWithdraw for owner's PT balance. But the actual returned value is PT balance of the whole PT token address, by using _balanceOf[address(this)].
Impact
Potentially, this could results in users withdraw more than balance fund, in other way, fund leak from the pool, and causing pool drained.
141345
high
maxWithdraw()should use owner's balanceSummary
In
maxWithdraw(), the query for the PT balance for pre maturity is wrong, could potentially lead to fund leak of the whole token contract, and result in insolvency.Vulnerability Detail
For pre maturity, the
maxWithdraw()was expected to return a previewWithdraw for owner's PT balance. But the actual returned value is PT balance of the whole PT token address, by using_balanceOf[address(this)].Impact
Potentially, this could results in users withdraw more than balance fund, in other way, fund leak from the pool, and causing pool drained.
Code Snippet
https://github.com/sherlock-audit/2022-10-illuminate/blob/main/src/tokens/ERC5095.sol#L98-L103
Tool used
Manual Review
Recommendation
Change
_balanceOf[address(this)]to_balanceOf[o].Duplicate of #129