juancito - There is no method for redeeming DAI to prevent negative scenarios described in the whitepaper
sherlock-admin opened this issue · 0 comments
juancito
medium
There is no method for redeeming DAI to prevent negative scenarios described in the whitepaper
Summary
The whitepaper describes that it should be possible to redeem DAI, and marks its importance to "serve as incentives to rebalance the coin" and the ability to "refill the reserves allowing the USSD to recover it’s price by reducing supply".
Vulnerability Detail
As per the USSD whitepaper:
If there is positive DAI balance in the collateral, USSD contract can provide
DAI for equal amount of USSD in return (that would be burned, contracting
supply).
The importance of this is said here:
Ability to mint and redeem USSD for DAI could serve as incentives to rebalance the coin when this is economically viable
And the most important feature is to have a mechanism to "help USSD recover in negative scenarios":
These methods also could be used to help USSD recover in negative scenarios:
if USSD value falls below 1 DAI and there are less than 1 DAI reserves per USSD
to refill the reserves allowing the USSD to recover it’s price by reducing supply
Impact
The protocol is lacking a mechanism to protect it from the negative scenarios described in the whitepaper.
Code Snippet
https://github.com/sherlock-audit/2023-05-USSD/blob/main/ussd-contracts/contracts/USSD.sol#L18-L248
Tool used
Manual Review
Recommendation
Add a redeem function to burn USSD tokens and redeem DAI.
Duplicate of #958