Description

When withdrawing from a Tranche, the owner may specify a different receiver for the withdrawn assets per the ERC-4626 specification. When this happens, the _withdraw internal function tracks the statistics as follows:

function _withdraw(
    address caller,
    address receiver,
    address owner,
    uint256 assets,
    uint256 shares
) internal virtual override {
    //...

    // use original asset / share ratio and subject the relative asset amount
    if (receiver != owner) {
        _updateNegativePrincipal(owner, shares);

        // gifts are treated as deposits
        principalAssetsDeposited[receiver] += (assets - fee) * _PRECISION;
        totalPrincipalDeposited += (assets - fee) * _PRECISION;
        principalSharesDeposited[receiver] += shares;
    } else if (principalSharesDeposited[receiver] > 0) {
        _updateNegativePrincipal(receiver, shares);
    }
}

However, gifts should not be treated as deposits, since the assets are being withdrawn.

Impact

The principalAssetsDeposited and totalPrincipalDeposited statistics are incorrectly changed after a withdraw to a receiver different from the owner.

Recommendations

Fix this logic to correctly calculate the statistics.

Remediation

This issue has been acknowledged by Avantis Labs, Inc., and a fix was implemented in commit 8cf936e9↗. The Tranche statistics were removed.