The protocol isn't going to work with difference decimals other than 18
Summary
The protocol isn't going to work with difference decimals other than 18
Vulnerability Detail
On borrowing the dailyRateCollateralBalance is sum with the COLLATERAL_BALANCE_PRECISION that is 1e18, if you want to borrow 2 decimals token, this mean that dailyRateCollateralBalance is 10^16 greater than the borrowed amount, this means, that if you want to pay with gemini USD you need to give 10^16 times more than the actual amount,
On the other hand, if you are giving token that has 24 decimals like YAM-V2, the user will pay 10^6 times lower than the actual amount
shtesesamoubiq
medium
The protocol isn't going to work with difference decimals other than 18
Summary
The protocol isn't going to work with difference decimals other than 18
Vulnerability Detail
On borrowing the dailyRateCollateralBalance is sum with the COLLATERAL_BALANCE_PRECISION that is 1e18, if you want to borrow 2 decimals token, this mean that dailyRateCollateralBalance is 10^16 greater than the borrowed amount, this means, that if you want to pay with gemini USD you need to give 10^16 times more than the actual amount,
On the other hand, if you are giving token that has 24 decimals like YAM-V2, the user will pay 10^6 times lower than the actual amount
Impact
Loss of funds
Code Snippet
https://github.com/sherlock-audit/2023-10-real-wagmi/blob/main/wagmi-leverage/contracts/LiquidityBorrowingManager.sol#L488-L490
https://github.com/sherlock-audit/2023-10-real-wagmi/blob/main/wagmi-leverage/contracts/abstract/ApproveSwapAndPay.sol#L185-L193
Tool used
Manual Review
Recommendation
dont use COLLATERAL_BALANCE_PRECISION, but use the token.decimal()
Duplicate of #176