Category: Coding Mistakes
Fee amount not being burned
Low Severity
Low Impact
Low Likelihood
Description
In the Burn
function, a fee is added that will be deducted on top of the amount that a user wants to burn.
fee := sdk.NewInt64Coin(types.NativeTokenDenom, int64(params.BurnFeeFactor*btcFeeRate))
...
err = ms.bankKeeper.SendCoinsFromAccountToModule(ctx, signer, types.ModuleName, []sdk.Coin{amount.Add(fee)})
if err != nil {
return nil, types.ErrBurn.Wrap(err.Error())
}
The fee is added to the total amount, which is then deducted from the user's account. Then the coins are burned, but only amount
gets passed to the function responsible for burning the coins.
err = ms.bankKeeper.BurnCoins(ctx, types.ModuleName, []sdk.Coin{amount})
if err != nil {
return nil, types.ErrBurn.Wrap(err.Error())
}
Impact
Not burning the fee leaves the fee amount in the pool. Over time, this may dilute the pool with unwanted stBTC.
Recommendations
Add the fees to the amount to be burned.
Remediation
This issue was acknowledged by Lorenzo and fixed in commit f0f901ec↗.
The withdrawal fee was entirely removed. Now, no fee is charged when burning stBTC.