Misleading NatSpec for redeemCollateral function



24.49 USDC

Selected Submission



Gas Optimization / Informational

Relevant GitHub Links


This comment on the redeemCollateral function is misleading:

    * @notice If you have DSC minted, you will not be able to redeem until you burn your DSC

Vulnerability Details

The redeemCollateral function does not directly require the user to burn DSC to redeem their collateral. Instead, it checks whether the operation would break the health factor. In cases where a user has a high collateralization ratio, they may redeem some of their collateral without burning DSC while keeping their health factor above the threshold. Therefore, the NatSpec comment may inaccurately represent the redeemCollateral functionality under certain conditions.

PoC: Add this test to DSCEngineTest.t.sol and it passes

    function testCanRedeemCollateralWithSomeDSCMintedAndNotBurnDSC() public {
        // user deposits a large amount of weth and mints a small amount of dsc
        ERC20Mock(weth).approve(address(dsce), 1000);
        dsce.depositCollateralAndMintDsc(weth, 1000, 1);
        // user redeems some collateral without burning any dsc
        dsce.redeemCollateral(weth, 10);
    }


This comment can lead users and auditors to misunderstand how the function works.

Tools Used

Manual Review


Remove the NatSpec line or further clarify that the redeemCollateral function may revert if the user has too much DSC minted and will need to burn DSC before calling the function again.
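
The health-factor gate described under Vulnerability Details, and the revert case the recommendation mentions, as a simplified Python model. This is an added example, not code from DSCEngine or from the submission; the 50% liquidation threshold, the minimum health factor of 1.0, the sample prices and all class and function names are assumptions.

```python
# Simplified model of a health-factor-gated redeem (added example, not DSCEngine code).
# Assumed parameters, not stated on this page:
LIQUIDATION_THRESHOLD = 50   # percent of collateral value counted toward the debt
LIQUIDATION_PRECISION = 100
PRECISION = 10**18
MIN_HEALTH_FACTOR = 1 * PRECISION


class BreaksHealthFactor(Exception):
    """Stands in for the revert when a redeem would leave the position unhealthy."""


def health_factor(collateral_usd: int, dsc_minted: int) -> int:
    """Health factor scaled by PRECISION; with no debt it cannot be broken."""
    if dsc_minted == 0:
        return 2**256 - 1
    adjusted = collateral_usd * LIQUIDATION_THRESHOLD // LIQUIDATION_PRECISION
    return adjusted * PRECISION // dsc_minted


class Position:
    def __init__(self, collateral: int, price_usd: int, dsc_minted: int):
        self.collateral = collateral  # whole token units (decimals ignored)
        self.price_usd = price_usd    # constructed price, USD per unit
        self.dsc_minted = dsc_minted  # outstanding DSC, 1 DSC treated as 1 USD

    def redeem_collateral(self, amount: int) -> int:
        """Redeem without burning; reject only if the result is unhealthy."""
        if amount > self.collateral:
            raise ValueError("amount exceeds deposited collateral")
        remaining = self.collateral - amount
        hf = health_factor(remaining * self.price_usd, self.dsc_minted)
        if hf < MIN_HEALTH_FACTOR:
            raise BreaksHealthFactor(hf)
        self.collateral = remaining
        return hf

    def max_redeemable_without_burn(self) -> int:
        """Largest amount that keeps the health factor at or above the minimum."""
        if self.dsc_minted == 0:
            return self.collateral
        # Ceiling divisions: collateral value, then units, that must stay deposited.
        need_usd = -(-self.dsc_minted * LIQUIDATION_PRECISION // LIQUIDATION_THRESHOLD)
        need_units = -(-need_usd // self.price_usd)
        return max(self.collateral - need_units, 0)
```

With the PoC's amounts (1000 deposited, 1 DSC minted) the model allows the redeem of 10; the NatSpec wording only holds for a position already at the minimum health factor, where any redeem is rejected until DSC is burned.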