Merge branch 'fix/56' into 'master'

Resolve "Validate divison in the aToken/variable debt token to ensure it's not rounded down to 0" Closes #56 See merge request aave-tech/protocol-v2!64
2024-07-29 21:47:30 +00:00 · 2020-10-12 08:19:07 +00:00 · 2020-10-12 08:19:07 +00:00 · 024def04b5
commit 024def04b5
parent a7861f8cba 3ad9e7b9e0
4 changed files with 47 additions and 13 deletions
--- a/contracts/lendingpool/LendingPoolCollateralManager.sol
+++ b/contracts/lendingpool/LendingPoolCollateralManager.sol
@ -239,12 +239,15 @@ contract LendingPoolCollateralManager is VersionedInitializable, LendingPoolStor
        principalReserve.variableBorrowIndex
      );
    } else {
+      //if the user does not have variable debt, no need to try to burn variable
+      //debt tokens
+      if (vars.userVariableDebt > 0) {
        IVariableDebtToken(principalReserve.variableDebtTokenAddress).burn(
          user,
          vars.userVariableDebt,
          principalReserve.variableBorrowIndex
        );
-
+      }
      IStableDebtToken(principalReserve.stableDebtTokenAddress).burn(
        user,
        vars.actualAmountToLiquidate.sub(vars.userVariableDebt)
--- a/contracts/libraries/helpers/Errors.sol
+++ b/contracts/libraries/helpers/Errors.sol
@ -45,10 +45,12 @@ library Errors {
  string public constant INVALID_EQUAL_ASSETS_TO_SWAP = '56';
  string public constant NO_MORE_RESERVES_ALLOWED = '59';

-  // require error messages - aToken
+  // require error messages - aToken - DebtTokens
  string public constant CALLER_MUST_BE_LENDING_POOL = '28'; // 'The caller of this function must be a lending pool'
  string public constant CANNOT_GIVE_ALLOWANCE_TO_HIMSELF = '30'; // 'User cannot give allowance to himself'
  string public constant TRANSFER_AMOUNT_NOT_GT_0 = '31'; // 'Transferred amount needs to be greater than zero'
+  string public constant INVALID_MINT_AMOUNT = '53'; //invalid amount to mint
+  string public constant INVALID_BURN_AMOUNT = '54'; //invalid amount to burn

  // require error messages - ReserveLogic
  string public constant RESERVE_ALREADY_INITIALIZED = '34'; // 'Reserve has already been initialized'
--- a/contracts/tokenization/AToken.sol
+++ b/contracts/tokenization/AToken.sol
@ -101,7 +101,9 @@ contract AToken is VersionedInitializable, IncentivizedERC20, IAToken {
    uint256 amount,
    uint256 index
  ) external override onlyLendingPool {
-    _burn(user, amount.rayDiv(index));
+    uint256 amountScaled = amount.rayDiv(index);
+    require(amountScaled != 0, Errors.INVALID_BURN_AMOUNT);
+    _burn(user, amountScaled);

    //transfers the underlying to the target
    IERC20(UNDERLYING_ASSET_ADDRESS).safeTransfer(receiverOfUnderlying, amount);
@ -116,22 +118,41 @@ contract AToken is VersionedInitializable, IncentivizedERC20, IAToken {
   * only lending pools can call this function
   * @param user the address receiving the minted tokens
   * @param amount the amount of tokens to mint
+   * @param index the the last index of the reserve
   */
  function mint(
    address user,
    uint256 amount,
    uint256 index
  ) external override onlyLendingPool {
-    //mint an equivalent amount of tokens to cover the new deposit
-    _mint(user, amount.rayDiv(index));
+    uint256 amountScaled = amount.rayDiv(index);
+    require(amountScaled != 0, Errors.INVALID_MINT_AMOUNT);
+    _mint(user, amountScaled);

    //transfer event to track balances
    emit Transfer(address(0), user, amount);
    emit Mint(user, amount, index);
  }

+
+  /**
+   * @dev mints aTokens to reserve treasury
+   * only lending pools can call this function
+   * @param amount the amount of tokens to mint to the treasury
+   * @param index the the last index of the reserve
+   */
  function mintToTreasury(uint256 amount, uint256 index) external override onlyLendingPool {
-    _mint(RESERVE_TREASURY_ADDRESS, amount.div(index));
+
+    if(amount == 0){
+      return;
+    }
+
+    //compared to the normal mint, we don't check for rounding errors.
+    //the amount to mint can easily be very small since is a fraction of the interest
+    //accrued. in that case, the treasury will experience a (very small) loss, but it
+    //wont cause potentially valid transactions to fail.
+
+    _mint(RESERVE_TREASURY_ADDRESS, amount.rayDiv(index));

    //transfer event to track balances
    emit Transfer(address(0), RESERVE_TREASURY_ADDRESS, amount);
--- a/contracts/tokenization/VariableDebtToken.sol
+++ b/contracts/tokenization/VariableDebtToken.sol
@ -7,6 +7,7 @@ import {SafeMath} from '@openzeppelin/contracts/math/SafeMath.sol';
 import {DebtTokenBase} from './base/DebtTokenBase.sol';
 import {WadRayMath} from '../libraries/math/WadRayMath.sol';
 import {IVariableDebtToken} from './interfaces/IVariableDebtToken.sol';
+import {Errors} from '../libraries/helpers/Errors.sol';

 /**
 * @title contract VariableDebtToken
@ -60,7 +61,10 @@ contract VariableDebtToken is DebtTokenBase, IVariableDebtToken {
    uint256 index
  ) external override onlyLendingPool {
    
-    _mint(user, amount.rayDiv(index));
+    uint256 amountScaled = amount.rayDiv(index);
+    require(amountScaled != 0, Errors.INVALID_MINT_AMOUNT);
+
+    _mint(user, amountScaled);

    emit Transfer(address(0), user, amount);
    emit Mint(user, amount, index);
@ -76,7 +80,11 @@ contract VariableDebtToken is DebtTokenBase, IVariableDebtToken {
    uint256 amount,
    uint256 index
  ) external override onlyLendingPool {
-    _burn(user, amount.rayDiv(index));
+
+    uint256 amountScaled = amount.rayDiv(index);
+    require(amountScaled != 0, Errors.INVALID_BURN_AMOUNT);
+
+    _burn(user, amountScaled);

    emit Transfer(user, address(0), amount);
    emit Burn(user, amount, index);