3 matches found
NonCustodialPSM.mint ignores mint buffer reduced amount, mostly disabling mint rate control
Lines of code Vulnerability details Impact VOLT minting rate control doesn't happen when RateLimited's doPartialAction is true as NonCustodialPSM doesn't use the returned amount value, minting the full amount even when it was reduced by current mint buffer size limitation. There are two issues wi...
NonCustodialPSM's _getMintAmountOut and _getRedeemAmountOut don't account for underlyingToken decimals
Lines of code Vulnerability details Impact getMintAmountOut and getRedeemAmountOut are used to convert stablecoin amount to VOLT amount and back with the help of Oracle feed price. As stablecoin decimals differ both functions that do not scale the results accordingly will become grossly incorrect...
NonCustodialPSM can become insolvent as CPI index rises
Lines of code Vulnerability details Impact NonCustodialPSM mints and redeems VOLT to a chosen stablecoin at the current market rate minus a fixed fee. It is assumed that the difference to be covered with pcvDeposit funds. That assumption is similar to one used in FEI protocol, but there no rate...