Token Oversupply by Repayment Without Burn
What it detects
This detector flags lending and borrowing mechanisms where users repay loans or receive their collateral back, but the protocol fails to burn the associated debt or representative tokens. These tokens, often representing liabilities (e.g., cTokens, aTokens, or synthetic assets), must be destroyed upon repayment to maintain a correct accounting of circulating supply.
If they are not burned, they remain in circulation despite the underlying loan being closed. This leads to discrepancies between the actual protocol state and the apparent token supply.
The detector checks for:
- Absence of a burn() call on debt tokens during loan repayment
- Debt token balances persisting after repayment logic
- Improper collateral release without adjusting synthetic or derivative token supply
- Protocols that decouple asset redemption from token burning
Typical symptoms
- Users retain debt or derivative tokens after full loan repayment
- Token total supply grows without a corresponding increase in collateral
- Collateral can be withdrawn multiple times due to broken accounting
- Overstated user balance sheets and inflated TVL (Total Value Locked)
- Token holders experience unintended dilution
Solidity snippet (v0.8.25)
pragma solidity ^0.8.25;

contract Lending {
    mapping(address => uint256) public debt;

    function repay(uint256 amount) external {
        // Reduces internal debt mapping, but no burn of representative token
        debt[msg.sender] -= amount;
        // Missing: burn debt tokens from user's wallet
        // e.g., DebtToken(borrowToken).burn(msg.sender, amount);
    }
}
Safer Version with Burn
// Assumes borrowToken holds the debt token's address and that DebtToken
// declares burnFrom(address, uint256) returning a bool success flag.
function repay(uint256 amount) external {
    require(debt[msg.sender] >= amount, "Overpaying debt");
    debt[msg.sender] -= amount;
    // Burn debt or derivative token from sender to reflect repayment
    bool success = DebtToken(borrowToken).burnFrom(msg.sender, amount);
    require(success, "Burn failed");
}
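The first check in the list above (no burn call during repayment), sketched as a source-level heuristic in Python and run over the two repay() variants from this page. This is an added example, not the detector's own implementation; the function names, regexes and the rule that a debt mapping has "debt" in its name are assumptions.

```python
import re

# Constructed inputs: the two repay() variants shown on this page.
VULNERABLE = """
contract Lending {
    mapping(address => uint256) public debt;
    function repay(uint256 amount) external {
        debt[msg.sender] -= amount;
        // e.g., DebtToken(borrowToken).burn(msg.sender, amount);
    }
}
"""
SAFER = """
contract Lending {
    mapping(address => uint256) public debt;
    function repay(uint256 amount) external {
        require(debt[msg.sender] >= amount, "Overpaying debt");
        debt[msg.sender] -= amount;
        bool success = DebtToken(borrowToken).burnFrom(msg.sender, amount);
        require(success, "Burn failed");
    }
}
"""

COMMENTS = re.compile(r"//[^\n]*|/\*.*?\*/", re.S)
FUNC_HEAD = re.compile(r"\bfunction\s+(\w+)\s*\([^)]*\)[^{;]*\{")
# Assumption: debt accounting lives in a mapping whose name contains "debt".
DEBT_DECREASE = re.compile(r"\b\w*[dD]ebt\w*\s*\[[^\]]+\]\s*-=")
BURN_CALL = re.compile(r"\.\s*_?burn\w*\s*\(|\b_burn\w*\s*\(")

def function_bodies(source):
    """Yield (name, body) for each function, matching braces to find the end."""
    for m in FUNC_HEAD.finditer(source):
        depth, i = 1, m.end()
        while i < len(source) and depth:
            depth += {"{": 1, "}": -1}.get(source[i], 0)
            i += 1
        yield m.group(1), source[m.end():i - 1]

def repay_without_burn(source):
    """Return names of functions that lower a debt mapping but never call burn."""
    code = COMMENTS.sub("", source)  # a burn mentioned only in a comment must not count
    return [name for name, body in function_bodies(code)
            if DEBT_DECREASE.search(body) and not BURN_CALL.search(body)]
```

Comments are stripped first because the vulnerable snippet mentions burn() only inside a comment, which would otherwise hide the finding. A text heuristic like this misses burns performed in internal helpers or modifiers, so a hit is a prompt for manual review of the repayment path.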
Why it matters on EVM
In the EVM environment, all value movements must be explicitly handled: token balances and supply do not adjust automatically to match business logic. If debt tokens (or their equivalents) aren't burned upon repayment, the protocol ends up with more tokens in circulation than it should, violating economic principles and damaging trust.
Consequences include:
- Token oversupply, leading to price dilution and inflation
- Collateral imbalances that make the protocol appear solvent when it's not
- Exploits where users reclaim collateral without destroying synthetic liabilities
- Difficulty in maintaining 1:1 peg for synthetic or backed assets
- Protocol metrics like TVL and borrow/lend ratios becoming unreliable
In lending systems, correct supply management is critical to protocol integrity. Burning or locking representative tokens at the right time ensures accounting consistency, protects against inflation, and preserves trust in the token’s value.