This repository has been archived by the owner on Sep 17, 2023. It is now read-only.
GimelSec - The decimals of collateral may different from 1e18, causing the user to borrow more than the real amount that can be borrowed. #159
Comments
github-actions
bot
added
High
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
GimelSec
high
The decimals of collateral may different from 1e18, causing the user to borrow more than the real amount that can be borrowed.
Summary
The decimals of collateral may different from 1e18, causing the user to borrow more than the real amount that can be borrowed.
Vulnerability Detail
The decimals of Collateral are not always 1e18. If we have a collateral token with 1e27 decimals, we will get a wrong collateral ratio.
Suppose we have 120 collateral tokens which are worth $120.
In
_computeCR():(_coll * _price * Constants.PRECISION) / (_debt * 10 ** priceDecimals)_coll: 120 * 1e27_price: 1 * 1e18, which means a collateral worth $1priceDecimals: 1e18_debt: 100 * 1e18, the max debt due to 120% collateral ratioWe get:
(120*1e27 * 1*1e18 * 1e18) / (100*1e18 * 10**18) = 1.2 * 1e27, which is 120000000000% rather than 120%.Impact
Users can borrow more than the real amount that can be borrowed.
Code Snippet
https://github.com/sherlock-audit/2023-03-taurus/blob/main/taurus-contracts/contracts/Libs/TauMath.sol#L18
Tool used
Manual Review
Recommendation
Handle the decimals of collateral in
_computeCR.Duplicate of #35
The text was updated successfully, but these errors were encountered: