Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dimulski - The protocol claims to support rebasing tokens, however accrued rewards will be lost #74

Closed
sherlock-admin2 opened this issue Sep 10, 2024 · 0 comments
Closed

dimulski - The protocol claims to support rebasing tokens, however accrued rewards will be lost #74

sherlock-admin2 opened this issue Sep 10, 2024 · 0 comments
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A Medium severity issue. Reward A payout will be made for this issue

Comments

@sherlock-admin2
Copy link
Contributor

sherlock-admin2 commented Sep 10, 2024
edited by sherlock-admin3
Loading

dimulski

Medium

The protocol claims to support rebasing tokens, however accrued rewards will be lost

Summary

The Cork protocol team claims that they support rebasing tokens as PA assets, however this is not the case. As per the README: Rebasing tokens are supported with exchange rate mechanism through Asset contracts. Lets take for example the stETH token, this is a token that tries to stay pegged to ETH and rewards are distributed daily to the accounts holding stETH. As per the Lido documentation: The mechanism which updates the stETH balances every day is called a “rebase”. Every day at 12PM UTC the amount of stETH in your address will increase with the current APR. The protocol doesn't have any mechanism to update the balance of the PA asset in the internal protocol accounting, the rewards generated by stETH will be lost forever. When users call the Psm::redeemRaWithDs() function they deposit PA and DS tokens into the contract and receive back RA tokens. If the PA tokens that the users deposited into the contract are for example stETH, the stETH APR that is transferred to the address holding the stETH tokens via the rebasing mechanism will be lost forever. The contract doesn't have any mechanism to increase the internal accounting of the PA tokens based on the rewards received, or withdraw the PA tokens in any way.

Root Cause

The protocol doesn't have any mechanism to update the internal accounting of rebasing PA tokens, and doesn't have any functionality to withdraw an arbitrary amount of PA tokens.

Internal pre-conditions

  1. Users deposit RA tokens in the protocol via the Psm::depositPsm() function, and receive back CT and DS tokens.
  2. Users redeem RA assets with PA and DS assets via the Psm::redeemRaWithDs() function

External pre-conditions

No response

Attack Path

There is no attack path, the protocol just doesn't work correcly.

Impact

The rewards generated by rebasing PA tokens held by the protocol will be lost forever.

PoC

No response

Mitigation

Implement a function to withdraw the rewards from rebasing PA tokens held by the protocol. Consider converting them to the corresponding RA token and distributing them as rewards.

Duplicate of #235
@github-actions github-actions bot added Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A Medium severity issue. labels Sep 14, 2024
@sherlock-admin3 sherlock-admin3 changed the title Colossal Magenta Elk - The protocol claims to support rebasing tokens, however accrued rewards will be lost dimulski - The protocol claims to support rebasing tokens, however accrued rewards will be lost Sep 25, 2024
@sherlock-admin3 sherlock-admin3 added the Reward A payout will be made for this issue label Sep 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A Medium severity issue. Reward A payout will be made for this issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sherlock-admin2 @sherlock-admin3