wrong implement of 'depositFor' and 'withdrawTo'

Summary

In depositFor we are minting amount * decimalsOffset and in withdrawTo we are burning only amount.

Vulnerability Detail

function depositFor(address account, uint256 amount) public virtual returns (bool) { if (address(underlyingToken) == address(0)) revert NotInitialized(); address sender = _msgSender(); if (sender == address(this)) revert CannotDeposit(); SafeERC20.safeTransferFrom(underlyingToken, sender, address(this), amount); @ _mint(account, amount * decimalsOffset);

    emit Deposit(account, amount);

    return true;
}

function withdrawTo(address account, uint256 amount) public virtual returns (bool) {
    if (address(underlyingToken) == address(0)) revert NotInitialized();
    uint256 unwrapAmount = amount / decimalsOffset;
    if (unwrapAmount == 0) revert CannotWithdraw();
    address msgSender = _msgSender();
    uint256 burntAmount = unwrapAmount * decimalsOffset;

@> _burn(msgSender, burntAmount); SafeERC20.safeTransfer(underlyingToken, account, unwrapAmount); if (msgSender != account) { _transfer(msgSender, account, amount - burntAmount); }

    emit Withdraw(account, amount);

    return true;
}

In depositFor we are minting amount * decimalsOffset and in withdrawTo we are burning only amount.

lets suppose we are using usdc so we will mint around amount*10^10. but burn only amount. so there is a big issue here.

Impact

lets suppose we are using usdc so we will mint around amount*10^10. but burn only amount. so there is a big issue here.

Code Snippet

https://github.com/sherlock-audit/2024-02-jala-swap/blob/main/jalaswap-dex-contract/contracts/utils/ChilizWrappedERC20.sol#L51

github.com/sherlock-audit/2024-02-jala-swap/blob/main/jalaswap-dex-contract/contracts/utils/ChilizWrappedERC20.sol#L38

Tool used

Manual Review

Recommendation

_mint(account, amount );

sherlock-audit / 2024-02-jala-swap-judging

bareli - wrong implement of 'depositFor' and 'withdrawTo' #199