Improvements to the mintDebt and repayDebt functions in stBTC contract #723
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The functions mintDebt and repayDebt are expected to return the amount
of assets calculated based on the provided amount of shares:
```
) public whenNotPaused returns (uint256 assets) {
```
but they were returning the amount of shares instead:
```
return shares;
```
Here we fix this problem and add tests to cover these cases.
Previously, the shares to assets conversion was rounding down, which could lead to a situation where the minted debt was against the vault's interest. Let's imagine a scenario where the vault has a 10% loss, meaning that each share is worth 0.9 assets. If a user mints 1 share, the debt registered due to rounding down would be 0. This can be used as a griefing attack, where a user could mint shares without registering any debt. To fix the issue, we now round up the shares to assets conversion in mintDebt function. Additionally, for the repayDebt function, we keep rounding down the shares to assets to avoid the opposite issue, where a user could repay more debt than they should. It may happen that conversion in `repayDebt` returns `0`, and it should be validated by the caller. Since, the interface used by the Mezo Portal contract `burnReceipt` function doesn't consider the return value of `repayDebt`, we are performing the validation in the `burnReceipt` function. For consistency we added a similar validation in the `mintReceipt` function.
These tests are covering changes from 490b179 We also add tests to verify conversions in case of vault registering a loss.
✅ Deploy Preview for acre-dapp-testnet canceled.
|
✅ Deploy Preview for acre-dapp canceled.
|
Comment on lines
+338
to
+341
| uint256 assets = mintDebt(amount, to); | ||
| if (assets == 0) { | ||
| revert ConvertedToZero(amount, assets); | ||
| } |
There was a problem hiding this comment.
So do I understand it correctly that in mintReceipt the ConvertedToZero error will be triggered when user will request too low amount of stBTC in the context of a given state of contract, right?
And alike - in burnReceipt user can trigger ConvertedToZero by requesting to burn a low amount of asset.
But what if that's all that was minted by this user? They will not be able to burn their stBTC?
|
I'm closing this PR as the debt minting feature will be removed soon. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fix returns in mintDebt and repayDebt functions (4f67f03)
The
mintDebtandrepayDebtfunctions are expected to return the amount of assets calculated based on the provided amount of shares:but they were returning the amount of shares instead:
return shares;We fix this problem and add tests to cover these cases.
Fix rounding of shares to assets conversions in debt minting (490b179)
Previously, the shares-to-assets conversion was rounding down, which could have resulted in the minted debt being against the vault's interest.
Suppose a scenario where the vault has a 10% loss, meaning that each share is worth 0.9 assets.
If a user mints 1 share, the debt registered due to rounding down would be 0.
This can be used in a griefing attack, where a user could mint shares without registering debt.
To fix the issue, we now round up the shares to assets conversion in the
mintDebtfunction.Additionally, for the
repayDebtfunction, we keep rounding down the shares to assets to avoid the opposite issue, where a user could repay more debt than they should.It may happen that conversion in
repayDebtreturns0, which should be validated by the caller. Since the interface used by the Mezo Portal contractburnReceiptfunction doesn't consider the return value ofrepayDebt, we are performing the validation in theburnReceiptfunction. We added a similar validation in themintReceiptfunction for consistency.