Faulty decimal assumption may cause wrong value calculation, leading to a wrong health factor, so liquidation of unhealthy positions won't work as expected.
The getUsdValue() function in DSCEngine.sol uses ADDITIONAL_FEED_PRECISION = 1e10 for all token pairs, assuming every price feed returns 8 decimals. However, this is not the case, given that the contracts should work for "any basket of assets".
This may result in some healthy positions being liquidated (if the price feed has fewer than 8 decimals) and some unhealthy positions looking healthy (if the price feed has more than 8 decimals).
An attacker can deposit such assets and mint more tokens than they should, causing protocol insolvency.
For example, the AMPL/USD price feed has 18 decimals; if it is enabled on the protocol, an attacker can use $1 of AMPL as collateral and mint $10,000,000,000 in stablecoins.
https://etherscan.io/address/0xe20CA8D7546932360e37E9D72c1a47334af57706#readContract
A wrong value calculation may break the whole protocol, resulting in protocol insolvency.
Manual review
Store the decimals of the price feed for each pair and use them to calculate the collateral value.
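The effect of the fixed 1e10 scaling versus scaling by the feed's own decimals, as an added worked model that is not code from the finding or from DSCEngine.sol; it assumes PRECISION = 1e18 for the USD result (DSCEngine's usual constant) and that the feed answer is multiplied by ADDITIONAL_FEED_PRECISION before the amount is applied.

```python
PRECISION = 10**18                  # assumed: 18-decimal fixed point for USD values
ADDITIONAL_FEED_PRECISION = 10**10  # constant quoted in the finding; only correct for 8-decimal feeds


def usd_value_fixed_precision(price: int, amount_wei: int) -> int:
    """Vulnerable form: scales every feed answer by 1e10 regardless of its decimals."""
    return (price * ADDITIONAL_FEED_PRECISION * amount_wei) // PRECISION


def usd_value_with_decimals(price: int, feed_decimals: int, amount_wei: int) -> int:
    """Recommended form: scale by the feed's own decimals() so every answer reaches 18 decimals."""
    if feed_decimals > 18:
        raise ValueError("feeds with more than 18 decimals would need a divide step; not handled here")
    scale = 10 ** (18 - feed_decimals)
    return (price * scale * amount_wei) // PRECISION


def misvaluation_factor(feed_decimals: int) -> float:
    """Ratio of the vulnerable value to the correct value for one token priced at $1.00.

    > 1 means collateral is overvalued (unhealthy positions look healthy),
    < 1 means collateral is undervalued (healthy positions can be liquidated).
    """
    price = 10**feed_decimals   # a $1.00 answer in this feed's decimals (constructed sample)
    amount_wei = 10**18         # one whole token
    wrong = usd_value_fixed_precision(price, amount_wei)
    right = usd_value_with_decimals(price, feed_decimals, amount_wei)
    return wrong / right


if __name__ == "__main__":
    for d in (6, 8, 18):
        print(f"{d}-decimal feed: vulnerable formula values $1 of collateral at "
              f"${misvaluation_factor(d):,.2f}")
```

For an 18-decimal feed such as the AMPL/USD one cited above, the factor is 1e10, which is exactly the $1 to $10,000,000,000 inflation described in the finding.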