AmoMinter is able to borrow unclaimed user collateral
Summary
AmoMinter is able to borrow unclaimed user funds which would leave some users not being able to withdraw their funds after burning their Dollar token.
Vulnerability Detail
Inside LibUbiquityPool.sol:amoMinterBorrow the amoMinter is able to borrow all the contract collateral without keeping in mind that users that have already burned their Dollar tokens could be about to collect their redemption.
ilchovski
high
AmoMinter is able to borrow unclaimed user collateral
Summary
AmoMinter is able to borrow unclaimed user funds which would leave some users not being able to withdraw their funds after burning their Dollar token.
Vulnerability Detail
Inside LibUbiquityPool.sol:amoMinterBorrow the amoMinter is able to borrow all the contract collateral without keeping in mind that users that have already burned their Dollar tokens could be about to collect their redemption.
Impact
Users not being able to withdraw its unclaimed collateral.
Code Snippet
https://github.com/sherlock-audit/2023-12-ubiquity/blob/main/ubiquity-dollar/packages/contracts/src/dollar/libraries/LibUbiquityPool.sol#L596
Tool used
Manual Review
Recommendation
Add check to limit the amoMinters to borrow only the free potion of the collateral.
Duplicate of #1