You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Nov 26, 2023. It is now read-only.
sherlock-admin opened this issue
May 24, 2023
· 0 comments
Labels
DuplicateA valid issue that is a duplicate of an issue with `Has Duplicates` labelMediumA valid Medium severity issueRewardA payout will be made for this issue
Users can mint new USSD tokens by providing the appropriate amount of collateral tokens. However, the protocol missing functionality to withdraw collateral (redeem USSD tokens).
Impact
Users would be unable to redeem minted USSD tokens back to collateral. This would result in collateral stuck on the USSD balance or forcing users to "redeem" through selling in USSD on AMM which would lead to losses compared with regular redeeming flow.
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
DuplicateA valid issue that is a duplicate of an issue with `Has Duplicates` labelMediumA valid Medium severity issueRewardA payout will be made for this issue
sashik_eth
high
Missing redeem function
Summary
Missing redeem function.
Vulnerability Detail
Users can mint new USSD tokens by providing the appropriate amount of collateral tokens. However, the protocol missing functionality to withdraw collateral (redeem USSD tokens).
Impact
Users would be unable to redeem minted USSD tokens back to collateral. This would result in collateral stuck on the USSD balance or forcing users to "redeem" through selling in USSD on AMM which would lead to losses compared with regular redeeming flow.
Code Snippet
https://github.com/sherlock-audit/2023-05-USSD/blob/main/ussd-contracts/contracts/USSD.sol#L147
Tool used
Manual Review
Recommendation
Consider implementing redeem function that would allow users to withdraw collateral from USSD.
Duplicate of #958
The text was updated successfully, but these errors were encountered: