@MidasCapitalxyz 2/ Root cause analysis: contract and its implementation contract misused the redeem counter. Because of lacking source code for implementation contract 0xf3c8, this analysis is based on the on-chain code logic.

@MidasCapitalxyz 3/ Attached 2 screenshots. Basically storage slot 0x13 is a mapping which contains like a counter allowed for user to call redeemUnderlying(). The function mint() will set that storage after deposit(). The formula is like (1e18 * 1e18 * mint_value)/exchangeRateCurrent().

@MidasCapitalxyz 4/ So if you provide different amount of HAY/BUSD AMM tokens, you will get multiple times token back. It is like a free ATM. I don't understand what will be the business logic behind.