Attacker can extract value from the protocol if WBTC depegs from BTC as protocol uses native BTC/USD price feed to price WBTC.
Users can deposit a wrapped asset such as WBTC (wrapped BTC) and mint against it, but the protocol uses Chainlink's native BTC/USD feed to price WBTC.
If WBTC depegs from BTC (as has happened to other wrapped tokens during bridge hacks), the protocol will continue to price WBTC using the BTC/USD price, even though WBTC will very quickly become worth far less than native BTC.
An attacker could:
buy WBTC on a decentralized exchange for a far lower value than native BTC,
deposit WBTC into the protocol,
mint DSC against their WBTC using the full value of native BTC,
swap DSC for USDC or other stablecoin,
allow their WBTC position to be liquidated since it is worth far less than the protocol believes.
Attacker can extract value from the protocol in the event WBTC depegs from BTC.
Manual
To help address this issue the protocol could use Chainlink's WBTC/BTC price feed to monitor for a depeg event and/or another data source like UniwapV3 TWAP.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.