sherlock-audit / 2023-12-ubiquity-judging


0xnirlin - User cannot collect redemption even if called the redeem function while redeem was not paused. #228

Closed sherlock-admin2 closed 6 months ago

sherlock-admin2 commented 6 months ago

0xnirlin

medium

User cannot collect redemption even if called the redeem function while redeem was not paused.

Summary

User cannot collect redemption even if called the redeem function while redeem was not paused.

Vulnerability Detail

Let's say Alice redeems 1000 dollars and is now waiting for 1000 blocks to pass before she can collect redemption.

3000 blocks have passed and Alice has not collected yet. And redeem functionality is paused.

The user should still be able to get their tokens back because the dollars she held are already burned from her on the following line:

        ubiquityDollarToken.burnFrom(msg.sender, dollarAmount);

So collateral is now backing nothing and is ready to go to Alice but could not due to the following lines in collect redemption:

        require(
            poolStorage.isRedeemPaused[collateralIndex] == false,
            "Redeeming is paused"
        );

This check is for the redeem, not for collect redemption.

Alice should be able to collect the redemptions she made when the pool was not paused; it goes against the design principle otherwise.

Impact

Tokens are burnt from Alice but she can't get her funds back.

Code Snippet

https://github.com/sherlock-audit/2023-12-ubiquity/blob/d9c39e8dfd5601e7e8db2e4b3390e7d8dff42a8e/ubiquity-dollar/packages/contracts/src/dollar/libraries/LibUbiquityPool.sol#L476-L517

Tool used

Meow

Recommendation

Remove the following lines from collectRedemption:

        require(
            poolStorage.isRedeemPaused[collateralIndex] == false,
            "Redeeming is paused"
        );

nevillehuang commented 6 months ago

Invalid, the redeemCollateralBalances will retain users' uncollected redemptions, so no funds are lost; once unpaused, collections can be performed normally.
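
The flow discussed in this issue, as an added example that is not part of either comment and is not the Ubiquity contract: a simplified Python model in which the pause check blocks collection while paused, the recorded balance is retained, and collection succeeds after unpause. The class, the 1:1 collateral price, the delay check and all names other than `isRedeemPaused`, `redeemCollateralBalances` and `collectRedemption` are assumptions.

```python
# Simplified model of the two-step redemption discussed in this issue.
# Not the Ubiquity contract: names other than isRedeemPaused,
# redeemCollateralBalances and collectRedemption are assumptions.
class Revert(Exception):
    """Stands in for a failed Solidity require()."""

class PoolModel:
    def __init__(self, delay_blocks, check_pause_on_collect=True):
        self.delay_blocks = delay_blocks            # assumed redemption delay
        self.check_pause_on_collect = check_pause_on_collect
        self.is_redeem_paused = False               # isRedeemPaused[collateralIndex]
        self.block = 0                              # current block number
        self.dollars = {}                           # user -> dollar balance
        self.redeem_collateral_balances = {}        # user -> uncollected collateral
        self.last_redeemed_block = {}               # user -> block of last redeem

    def redeem(self, user, amount):
        if self.is_redeem_paused:
            raise Revert("Redeeming is paused")
        if self.dollars.get(user, 0) < amount:
            raise Revert("insufficient dollars")
        self.dollars[user] -= amount                # burnFrom(msg.sender, dollarAmount)
        self.redeem_collateral_balances[user] = self.redeem_collateral_balances.get(user, 0) + amount
        self.last_redeemed_block[user] = self.block  # assumes a 1:1 collateral price above

    def collect_redemption(self, user):
        if self.check_pause_on_collect and self.is_redeem_paused:
            raise Revert("Redeeming is paused")     # the check this issue is about
        if self.block < self.last_redeemed_block.get(user, 0) + self.delay_blocks:
            raise Revert("too soon to collect")     # assumed form of the delay check
        owed = self.redeem_collateral_balances.get(user, 0)
        self.redeem_collateral_balances[user] = 0
        return owed

def scenario(check_pause_on_collect):
    """Alice redeems 1000, 3000 blocks pass, redeem is paused, then unpaused."""
    pool = PoolModel(delay_blocks=1000, check_pause_on_collect=check_pause_on_collect)
    pool.dollars["alice"] = 1000
    pool.redeem("alice", 1000)
    pool.block += 3000
    pool.is_redeem_paused = True
    try:
        during_pause = pool.collect_redemption("alice")
    except Revert as exc:
        during_pause = str(exc)
    retained = pool.redeem_collateral_balances["alice"]
    pool.is_redeem_paused = False
    after_unpause = pool.collect_redemption("alice")
    return during_pause, retained, after_unpause
```

`scenario(True)` models the behaviour described in the thread; `scenario(False)` models the variant with the pause check removed from collection, as the recommendation proposes.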