This is a non exhaustive list of known bugs and vulnerabilities which have been reported, fixed or have no discernible impact on the protocol.
In previous implementations of Tranched Pool, when a user withdrew their funds before a pool was locked, the pool token principalDeposited was not decreased, only the tranche principal deposited. This allowed a pool token holder to withdraw any portion of their principal (before the tranche was locked), while still earning interest on 100% of their initial deposit.
The 2.6.0 migration used the “reducePrincipalAmount” function to retroactively reduce the principal amount for affected pool tokens sans pool token with id “297”.
Merge pull request #401 from warbler-labs/will/gfi-305-initialize-str… · goldfinch-eng/mono@9b2dc46
The 2.7.0 migration used the “reducePrincipalAmount” function to retroactively reduce the principal amount for the pool token with id “297”. This migration also
This issue is live in all Tranched Pools before Cauris Fund #4, which incorporated the v2.7.0 fixed version of the TranchedPool implementation.
The issue only impacts pool tokens which were withdrawn upon before a pool was locked. Because all current pools are locked, the bug can not continue to occur.
The bug impacted some pool tokens which had their principalDeposited amount inflated. These principalDeposited amounts were retroactively fixed in migration 2.6.0
Pool Token 1 and Pool Token 179 were not adjusted in these migrations, but their principalDeposited amounts are only inflated by ~$0.51 USDC.
DrawdownPeriodInSeconds