diff --git a/contracts/flashloan/interfaces/IFlashLoanReceiver.sol b/contracts/flashloan/interfaces/IFlashLoanReceiver.sol index e3c2636c..5c92236a 100644 --- a/contracts/flashloan/interfaces/IFlashLoanReceiver.sol +++ b/contracts/flashloan/interfaces/IFlashLoanReceiver.sol @@ -13,5 +13,5 @@ interface IFlashLoanReceiver { uint256 amount, uint256 fee, bytes calldata params - ) external; + ) external returns (bool); } diff --git a/contracts/lendingpool/LendingPool.sol b/contracts/lendingpool/LendingPool.sol index 526aa7f0..21146298 100644 --- a/contracts/lendingpool/LendingPool.sol +++ b/contracts/lendingpool/LendingPool.sol @@ -579,7 +579,10 @@ contract LendingPool is VersionedInitializable, ILendingPool, LendingPoolStorage IAToken(vars.aTokenAddress).transferUnderlyingTo(receiverAddress, amount); //execute action of the receiver - vars.receiver.executeOperation(asset, amount, vars.premium, params); + require( + vars.receiver.executeOperation(asset, amount, vars.premium, params), + Errors.INVALID_FLASH_LOAN_EXECUTOR_RETURN + ); vars.amountPlusPremium = amount.add(vars.premium); diff --git a/contracts/lendingpool/LendingPoolCollateralManager.sol b/contracts/lendingpool/LendingPoolCollateralManager.sol index 1e5488a4..356ce1a4 100644 --- a/contracts/lendingpool/LendingPoolCollateralManager.sol +++ b/contracts/lendingpool/LendingPoolCollateralManager.sol @@ -239,12 +239,15 @@ contract LendingPoolCollateralManager is VersionedInitializable, LendingPoolStor principalReserve.variableBorrowIndex ); } else { - IVariableDebtToken(principalReserve.variableDebtTokenAddress).burn( - user, - vars.userVariableDebt, - principalReserve.variableBorrowIndex - ); - + //if the user does not have variable debt, no need to try to burn variable + //debt tokens + if (vars.userVariableDebt > 0) { + IVariableDebtToken(principalReserve.variableDebtTokenAddress).burn( + user, + vars.userVariableDebt, + principalReserve.variableBorrowIndex + ); + } IStableDebtToken(principalReserve.stableDebtTokenAddress).burn( user, vars.actualAmountToLiquidate.sub(vars.userVariableDebt) diff --git a/contracts/libraries/helpers/Errors.sol b/contracts/libraries/helpers/Errors.sol index 48fc7f32..ee71efaa 100644 --- a/contracts/libraries/helpers/Errors.sol +++ b/contracts/libraries/helpers/Errors.sol @@ -44,11 +44,14 @@ library Errors { string public constant FAILED_COLLATERAL_SWAP = '55'; string public constant INVALID_EQUAL_ASSETS_TO_SWAP = '56'; string public constant NO_MORE_RESERVES_ALLOWED = '59'; + string public constant INVALID_FLASH_LOAN_EXECUTOR_RETURN = '60'; - // require error messages - aToken + // require error messages - aToken - DebtTokens string public constant CALLER_MUST_BE_LENDING_POOL = '28'; // 'The caller of this function must be a lending pool' string public constant CANNOT_GIVE_ALLOWANCE_TO_HIMSELF = '30'; // 'User cannot give allowance to himself' string public constant TRANSFER_AMOUNT_NOT_GT_0 = '31'; // 'Transferred amount needs to be greater than zero' + string public constant INVALID_MINT_AMOUNT = '53'; //invalid amount to mint + string public constant INVALID_BURN_AMOUNT = '54'; //invalid amount to burn // require error messages - ReserveLogic string public constant RESERVE_ALREADY_INITIALIZED = '34'; // 'Reserve has already been initialized' diff --git a/contracts/mocks/flashloan/MockFlashLoanReceiver.sol b/contracts/mocks/flashloan/MockFlashLoanReceiver.sol index 112084a7..cf717e6f 100644 --- a/contracts/mocks/flashloan/MockFlashLoanReceiver.sol +++ b/contracts/mocks/flashloan/MockFlashLoanReceiver.sol @@ -20,6 +20,7 @@ contract MockFlashLoanReceiver is FlashLoanReceiverBase { bool _failExecution; uint256 _amountToApprove; + bool _simulateEOA; constructor(ILendingPoolAddressesProvider provider) public FlashLoanReceiverBase(provider) {} @@ -31,16 +32,25 @@ contract MockFlashLoanReceiver is FlashLoanReceiverBase { _amountToApprove = amountToApprove; } + function setSimulateEOA(bool flag) public { + _simulateEOA = flag; + } + function amountToApprove() public view returns (uint256) { return _amountToApprove; } + function simulateEOA() public view returns (bool) { + return _simulateEOA; + } + function executeOperation( address reserve, uint256 amount, uint256 fee, bytes memory params - ) public override { + ) public override returns (bool) { + params; //mint to this contract the specific amount MintableERC20 token = MintableERC20(reserve); @@ -51,7 +61,7 @@ contract MockFlashLoanReceiver is FlashLoanReceiverBase { if (_failExecution) { emit ExecutedWithFail(reserve, amount, fee); - return; + return !_simulateEOA; } //execution does not fail - mint tokens and return them to the _destination @@ -62,5 +72,7 @@ contract MockFlashLoanReceiver is FlashLoanReceiverBase { IERC20(reserve).approve(_addressesProvider.getLendingPool(), amountToReturn); emit ExecutedWithSuccess(reserve, amount, fee); + + return true; } } diff --git a/contracts/tokenization/AToken.sol b/contracts/tokenization/AToken.sol index 98c54bcd..3e6d4c76 100644 --- a/contracts/tokenization/AToken.sol +++ b/contracts/tokenization/AToken.sol @@ -101,7 +101,9 @@ contract AToken is VersionedInitializable, IncentivizedERC20, IAToken { uint256 amount, uint256 index ) external override onlyLendingPool { - _burn(user, amount.rayDiv(index)); + uint256 amountScaled = amount.rayDiv(index); + require(amountScaled != 0, Errors.INVALID_BURN_AMOUNT); + _burn(user, amountScaled); //transfers the underlying to the target IERC20(UNDERLYING_ASSET_ADDRESS).safeTransfer(receiverOfUnderlying, amount); @@ -116,22 +118,39 @@ contract AToken is VersionedInitializable, IncentivizedERC20, IAToken { * only lending pools can call this function * @param user the address receiving the minted tokens * @param amount the amount of tokens to mint + * @param index the the last index of the reserve */ function mint( address user, uint256 amount, uint256 index ) external override onlyLendingPool { - //mint an equivalent amount of tokens to cover the new deposit - _mint(user, amount.rayDiv(index)); + uint256 amountScaled = amount.rayDiv(index); + require(amountScaled != 0, Errors.INVALID_MINT_AMOUNT); + _mint(user, amountScaled); //transfer event to track balances emit Transfer(address(0), user, amount); emit Mint(user, amount, index); } + /** + * @dev mints aTokens to reserve treasury + * only lending pools can call this function + * @param amount the amount of tokens to mint to the treasury + * @param index the the last index of the reserve + */ function mintToTreasury(uint256 amount, uint256 index) external override onlyLendingPool { - _mint(RESERVE_TREASURY_ADDRESS, amount.div(index)); + if (amount == 0) { + return; + } + + //compared to the normal mint, we don't check for rounding errors. + //the amount to mint can easily be very small since is a fraction of the interest + //accrued. in that case, the treasury will experience a (very small) loss, but it + //wont cause potentially valid transactions to fail. + + _mint(RESERVE_TREASURY_ADDRESS, amount.rayDiv(index)); //transfer event to track balances emit Transfer(address(0), RESERVE_TREASURY_ADDRESS, amount); diff --git a/contracts/tokenization/VariableDebtToken.sol b/contracts/tokenization/VariableDebtToken.sol index 5582db9a..f8e48af9 100644 --- a/contracts/tokenization/VariableDebtToken.sol +++ b/contracts/tokenization/VariableDebtToken.sol @@ -7,6 +7,7 @@ import {SafeMath} from '@openzeppelin/contracts/math/SafeMath.sol'; import {DebtTokenBase} from './base/DebtTokenBase.sol'; import {WadRayMath} from '../libraries/math/WadRayMath.sol'; import {IVariableDebtToken} from './interfaces/IVariableDebtToken.sol'; +import {Errors} from '../libraries/helpers/Errors.sol'; /** * @title contract VariableDebtToken @@ -59,7 +60,10 @@ contract VariableDebtToken is DebtTokenBase, IVariableDebtToken { uint256 amount, uint256 index ) external override onlyLendingPool { - _mint(user, amount.rayDiv(index)); + uint256 amountScaled = amount.rayDiv(index); + require(amountScaled != 0, Errors.INVALID_MINT_AMOUNT); + + _mint(user, amountScaled); emit Transfer(address(0), user, amount); emit Mint(user, amount, index); @@ -75,7 +79,10 @@ contract VariableDebtToken is DebtTokenBase, IVariableDebtToken { uint256 amount, uint256 index ) external override onlyLendingPool { - _burn(user, amount.rayDiv(index)); + uint256 amountScaled = amount.rayDiv(index); + require(amountScaled != 0, Errors.INVALID_BURN_AMOUNT); + + _burn(user, amountScaled); emit Transfer(user, address(0), amount); emit Burn(user, amount, index); diff --git a/helpers/types.ts b/helpers/types.ts index 450d65aa..0b5e4a33 100644 --- a/helpers/types.ts +++ b/helpers/types.ts @@ -90,6 +90,7 @@ export enum ProtocolErrors { REQUESTED_AMOUNT_TOO_SMALL = '25', // 'The requested amount is too small for a FlashLoan.' INCONSISTENT_PROTOCOL_ACTUAL_BALANCE = '26', // 'The actual balance of the protocol is inconsistent' CALLER_NOT_LENDING_POOL_CONFIGURATOR = '27', // 'The actual balance of the protocol is inconsistent' + INVALID_FLASH_LOAN_EXECUTOR_RETURN = '60', // The flash loan received returned 0 (EOA) // require error messages - aToken CALLER_MUST_BE_LENDING_POOL = '28', // 'The caller of this function must be a lending pool' diff --git a/test/flashloan.spec.ts b/test/flashloan.spec.ts index c2be90ed..93d748b0 100644 --- a/test/flashloan.spec.ts +++ b/test/flashloan.spec.ts @@ -24,6 +24,7 @@ makeSuite('LendingPool FlashLoan function', (testEnv: TestEnv) => { INVALID_FLASHLOAN_MODE, SAFEERC20_LOWLEVEL_CALL, IS_PAUSED, + INVALID_FLASH_LOAN_EXECUTOR_RETURN, } = ProtocolErrors; before(async () => { @@ -116,9 +117,30 @@ makeSuite('LendingPool FlashLoan function', (testEnv: TestEnv) => { ).to.be.revertedWith(TRANSFER_AMOUNT_EXCEEDS_BALANCE); }); + it('Takes WETH flashloan, simulating a receiver as EOA (revert expected)', async () => { + const {pool, weth, users} = testEnv; + const caller = users[1]; + await _mockFlashLoanReceiver.setFailExecutionTransfer(true); + await _mockFlashLoanReceiver.setSimulateEOA(true); + + await expect( + pool + .connect(caller.signer) + .flashLoan( + _mockFlashLoanReceiver.address, + weth.address, + ethers.utils.parseEther('0.8'), + 0, + '0x10', + '0' + ) + ).to.be.revertedWith(INVALID_FLASH_LOAN_EXECUTOR_RETURN); + }); + it('Takes a WETH flashloan with an invalid mode. (revert expected)', async () => { const {pool, weth, users} = testEnv; const caller = users[1]; + await _mockFlashLoanReceiver.setSimulateEOA(false); await _mockFlashLoanReceiver.setFailExecutionTransfer(true); await expect(