Users will not receive the appropriate target tokens for their input - underlyingAmount
Summary
According to the docs, users should redeem/withdraw their principal tokens based on the scale at maturity time, not on the current scale as is happening in withdraw.
Vulnerability Detail
    function withdraw(
        uint256 underlyingAmount,
        address to,
        address from
    ) external override nonReentrant expired returns (uint256) {
        GlobalScales memory _gscales = gscales;
        uint256 cscale = _updateGlobalScalesCache(_gscales);
        // Compute the shares to be redeemed
        uint256 sharesRedeem = underlyingAmount.divWadDown(cscale); // @audit current scale
        ...
    }
0xVolodya
medium
src/Tranche.sol#L337
Just like it is happening in redeem
Impact
Users will burn a random (based on the current scale) amount of principal tokens, not the amount based on the underlying amount.
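The following is an added illustration, not part of the report and not code from Tranche.sol: it models only the quoted line `sharesRedeem = underlyingAmount.divWadDown(cscale)` and shows how the share count for a fixed underlyingAmount moves once the scale drifts after maturity. The function names and all scale values are constructed, and divWadDown is assumed to be 18-decimal fixed-point division rounded down.

```python
# Added illustration; names are hypothetical and all scale values are constructed.
WAD = 10**18  # 18-decimal fixed-point unit

def div_wad_down(x: int, y: int) -> int:
    """x / y in WAD fixed point, rounded down (assumed semantics of divWadDown)."""
    if y == 0:
        raise ZeroDivisionError("scale must be non-zero")
    return (x * WAD) // y

def shares_to_redeem(underlying_amount: int, scale: int) -> int:
    """Model of the quoted line: sharesRedeem = underlyingAmount.divWadDown(scale)."""
    return div_wad_down(underlying_amount, scale)

def scale_drift(underlying_amount: int, maturity_scale: int, current_scales):
    """Compare shares priced at each post-maturity scale with shares priced at
    the maturity scale. Returns (cscale, shares, signed_diff, abs_deviation_bps)."""
    pinned = shares_to_redeem(underlying_amount, maturity_scale)
    rows = []
    for cscale in current_scales:
        shares = shares_to_redeem(underlying_amount, cscale)
        diff = shares - pinned
        bps = abs(diff) * 10_000 // pinned  # deviation in basis points, floored
        rows.append((cscale, shares, diff, bps))
    return rows

def drifting_scales(rows, tolerance_bps: int = 0):
    """Scales at which the same underlyingAmount maps to a different share count."""
    return [cscale for cscale, _, _, bps in rows if bps > tolerance_bps]

# Constructed sample: scale 1.10 at maturity, observed later at 1.10, 1.15, 1.20.
UNDERLYING = 100 * WAD
MATURITY_SCALE = 11 * WAD // 10
OBSERVED = [11 * WAD // 10, 115 * WAD // 100, 12 * WAD // 10]

if __name__ == "__main__":
    for cscale, shares, diff, bps in scale_drift(UNDERLYING, MATURITY_SCALE, OBSERVED):
        print(f"scale={cscale / WAD:.2f} shares={shares / WAD:.6f} "
              f"diff={diff / WAD:+.6f} ({bps} bps)")
```

The elided remainder of withdraw, including how shares are converted to principal tokens, is not modelled here.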
Code Snippet
Tool used
Manual Review
Recommendation