Rebasing Token Explained in Detail
A rebasing token changes balances by adjusting supply. Instead of each user receiving a normal transfer, the token's accounting makes holder balances increase or decrease according to a rebase rule.
This means balanceOf(user) can change between two protocol actions even if the user did not move tokens.
Smart contract example
deposited[msg.sender] += amount;
token.transferFrom(msg.sender, address(this), amount);
If the token rebases later, the stored deposited value may no longer match the contract's real token balance or the user's economic claim.
Rebasing Token in Auditing
Rebasing tokens break the assumption that token balances only change through transfers. That matters for vault shares, lending collateral, reward snapshots, liquidation checks, and any accounting that caches raw balances.
Some protocols support rebasing assets deliberately. Others should reject them because balance drift can create windfalls, shortfalls, or stale collateral values.
Red flags in code
-
User deposits are stored as raw token balances without a share model.
-
The protocol assumes
balanceOfonly changes during its own functions. -
Rewards or fees are calculated from cached balances after a rebase.
-
Liquidation or collateral math does not define how rebases affect debt and collateral.
-
Supported asset onboarding does not classify non-standard ERC-20 behavior.
How to test or review it
-
Use a mock rebasing token that increases and decreases balances between actions.
-
Test deposit, withdraw, borrow, repay, liquidation, and reward flows across positive and negative rebases.
-
Check whether accounting is share-based, balance-delta based, or explicitly incompatible.
-
Verify user-facing claims remain fair after multiple rebases.
-
Add invariant testing around total assets, shares, debt, and user claims.