15,000 USDC
View results
Submission Details
Severity: low
Valid

Missing Division By 0 Check

Summary

The DSCEngine contract defines the getTokenAmountFromUsd function, which
implement a division. however, the division by 0
check is missing, which will cause an error if encountered.

Vulnerability Details

the division by zero may happen if the price provided by the pricefeed is 0;

Impact

the division will cause a runtime exception, and the transaction that triggered the division by zero will be reverted.-> transaction will fail & any changes made to the state of the contract during the transaction will be rolled back.

Tools Used

Manual Review

Recommendations

It is recommended to implement a validation mechanism, which will make
sure that division by 0 scenarios are handled properly.

  • Consider adding a second price feed oracle.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.