rvierdiiev
medium
TxBuilderExtension.redeemNativeToken will not redeem whole amount when user provides type(uint256).max
TxBuilderExtension.redeemNativeToken will not redeem whole amount when user provides type(uint256).max, because it doesn't call accrueInterests before.
TxBuilderExtension.redeemNativeToken function is used to redeem tokens from IronBank. User can provide type(uint256).max amount when he wants withdraw whole supply amount.
https://github.com/sherlock-audit/2023-05-ironbank/blob/main/ib-v2/src/extensions/TxBuilderExtension.sol#L275-L283
function redeemNativeToken(address user, uint256 redeemAmount) internal nonReentrant {
if (redeemAmount == type(uint256).max) {
redeemAmount = ironBank.getSupplyBalance(user, weth);
}
ironBank.redeem(user, address(this), weth, redeemAmount);
WethInterface(weth).withdraw(redeemAmount);
(bool sent,) = user.call{value: redeemAmount}("");
require(sent, "failed to send native token");
}As you can see in case if redeemAmount == type(uint256).max, then ironBank.getSupplyBalance is called to get user's underlying amount that can be withdrawn. The problem here, is that interests are not accrued at this moment, which means that exchange rate can be bigger.
After that function calls ironBank.redeem and provide user's underying amount(without additional interests). And only then interests will be accrued, which will increase exchange rate.
Because of that user will not withdraw whole amount as he wanted and some interests will be still remaining.
User will not be able to withdraw whole balance, interests can be small, so user will not withdraw them as this will make him pay more on gas.
Provided above
Manual Review
You don't need to calculate it in TxBuilderExtension, as this is already done inside IronBank.