7 matches found
Malicious first depositor can steal all funds from all future depositors
Lines of code Vulnerability details Impact Due to a miscalculation in LRTOraclegetRSETHPrice, users who call LRTDepositPooldepositAsset when rsETH.totalSupply is non-zero will receive fewer rsETH tokens than they should due to a rounding error. This can be exploited by a malicious first depositor...
Consideration of tokens with decimals higher than 18
Lines of code Vulnerability details Impact Oracle contract has 2 functions - viewPrice & getPrice - to get the price through the Chainlink price feed in DOLA. Both functions check the decimals of the feedDecimals answer by calling feed.decimals and calculate the price by 36 - feedDecimals -...
A freshly added collateral token will cause the disadvantage of the borrowing price for the first borrowers.
Lines of code Vulnerability details Impact The Oracle contract is known to be pessimistic in way of serving the lowest prices to prevent borrowers from borrowing more than the lowest recorded value of their collateral over the past 2 days. However, this is not possible for the tokens which are...
Using deprecated Chainlink function latestAnswer could result in wrong borrowing power
Lines of code Vulnerability details Impact The Oracle contract is used to get the latest price for the users collateral tokens, but the functions getPrice and viewPrice use a deprecated Chainlink function latestAnswer to get the price of a given token as it's mentionned here, this function does n...
Decimals are computed in the wrong way if the collateral token doesn't have 18 decimals
Lines of code Vulnerability details Impact Huge accounting errors and losses for borrowers and liquidators if a collateral token with a non-18 decimal value is used. The oracle contract won't always return prices in 18 decimals. Proof of Concept The oracle returns the price in a normalized way...
Chain ID Is Not Resistant To Hard Fork and Other Token Supports In The Oracle Contract
Lines of code Vulnerability details Impact During the code review, It has been observed only the following chain ids are supported for the chainlink. 1 and 42 - The contracts are not upgradeable therefore If there is any hard fork or new chain support, the contract should be deployed again with...
onPriceCheck revert on every transaction
Handle jonah1005 Vulnerability details Impact onPriceCheck in the Alchemist.sol does not implement correctly. modifier onPriceCheck if pegMinimum 0 require ICurveTokenaddresstoken.getvirtualprice pegMinimum, 'off peg limitation' ; ; There's no getvirtualprice in stable coin contracts. There's no...