The _deposit function in the smart contract implementation for Stable Yield Credit (yCREDIT), an Ethereum token, has certain incorrect calculations. An attacker can obtain more yCREDIT tokens than they should.