The `PsmLib.lvRedeemRaWithCtDs()` function doesn't decrease the locked amount of `RA`

Summary

The lvRedeemRaWithCtDs() function is invoked when exchanging CT + DS for RA (through redeemEarly -> _liquidateLpPartial -> _redeemCtDsAndSellExcessCt). This function only burns CT + DS without decreasing the locked amount of RA.

Vulnerability Detail

As you can see, the lvRedeemRaWithCtDs() function only burns CT + DS without decreasing the locked amount of RA. Consequently, psm.balances.ra.locked (which represents the amount of locked RA) will be greater than it should be, leading to a loss of funds for the protocol, as the locked RA will be distributed to users after expiry.

    function lvRedeemRaWithCtDs(State storage self, uint256 amount, uint256 dsId) internal {
        DepegSwap storage ds = self.ds[dsId];
127     ds.burnBothforSelf(amount);
    }

Impact

Loss of RA for the protocol.

Code Snippet

https://github.com/sherlock-audit/2024-08-cork-protocol/tree/main/Depeg-swap/contracts/libraries/PsmLib.sol#L125-L128

Tool used

Manual Review

Recommendation

Also, decrease the locked amount of RA.

Duplicate of #166

sherlock-audit / 2024-08-cork-protocol-judging

KupiaSec - The `PsmLib.lvRedeemRaWithCtDs()` function doesn't decrease the locked amount of `RA` #221

The `PsmLib.lvRedeemRaWithCtDs()` function doesn't decrease the locked amount of `RA`

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

sherlock-audit / 2024-08-cork-protocol-judging

KupiaSec - The `PsmLib.lvRedeemRaWithCtDs()` function doesn't decrease the locked amount of `RA` #221

The PsmLib.lvRedeemRaWithCtDs() function doesn't decrease the locked amount of RA

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

The `PsmLib.lvRedeemRaWithCtDs()` function doesn't decrease the locked amount of `RA`