joestakey
medium
setRedeemable() can lead to users unable to redeem.
Summary
If redeemable is changed after users have minted UXD, these users will be unable to redeem.
Vulnerability Detail
setRedeemable() allows the governor to change the redeemable token address. If a new redeemable token address is set, users who have previously minted UXD will not be able to redeem, as the following code block in _redeem() will revert:
Given that the user's balance of this new redeemable token is 0 (they own the previous redeemable token).
Impact
Users holding UXD are unable to redeem it.
Code Snippet
https://github.com/sherlock-audit/2023-01-uxd/blob/main/contracts/core/UXDController.sol#L134-L139
Tool used
Manual Review
Recommendation
1 - remove setRedeemable() (it is not mentioned in the governance docs anyway)
2 - set the redeemable token address in initialize()
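A simplified before/after model of the issue and of both recommendations, added here as an illustration; it is not the code from UXDController.sol. The contract names, the IRedeemableToken interface and the public redeem() function are assumptions, the collateral payout is left out, and only setRedeemable(), redeemable and initialize() are names taken from the report.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Hypothetical minimal token interface (assumption, not from the audited repo).
interface IRedeemableToken {
    function balanceOf(address account) external view returns (uint256);
    function burn(address from, uint256 amount) external;
}

// Before: the governor can repoint `redeemable` after users have minted.
contract MutableRedeemable {
    address public immutable governor;
    address public redeemable;

    constructor(address governor_, address redeemable_) {
        governor = governor_;
        redeemable = redeemable_;
    }

    function setRedeemable(address newRedeemable) external {
        require(msg.sender == governor, "not governor");
        redeemable = newRedeemable; // holders of the previous token are stranded
    }

    function redeem(uint256 amount) external {
        IRedeemableToken token = IRedeemableToken(redeemable);
        // Balance is read from the current token: 0 for holders of the previous one.
        require(token.balanceOf(msg.sender) >= amount, "insufficient balance");
        token.burn(msg.sender, amount);
    }
}

// After: the address is set once in initialize() and there is no setter.
contract FixedRedeemable {
    address public redeemable;

    // One-shot guard for this model; an upgradeable contract would use an initializer modifier.
    function initialize(address redeemable_) external {
        require(redeemable == address(0), "already initialized");
        require(redeemable_ != address(0), "zero address");
        redeemable = redeemable_;
    }

    function redeem(uint256 amount) external {
        IRedeemableToken token = IRedeemableToken(redeemable);
        require(token.balanceOf(msg.sender) >= amount, "insufficient balance");
        token.burn(msg.sender, amount);
    }
}
```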
Duplicate of #44