Peculiar collateral tokens would give false USD value
Summary
Some peculiar tokens, if used as collateral, would give false USD value. Since the contract was designed in such a way that WETH & WBTC could be swapped for any other asset, swapping to such token could cause a lot of harm to the protocol.
The system is meant to be such that someone could fork this codebase, swap out WETH & WBTC for any basket of assets they like, and the code would work the same.
Vulnerability Details
The main issue is from the _getUsdValue function, particularly DSCEngine.sol:311
Although most USD pairs have 8 decimals, not all do. Pairs like AMPL/USD (Ampleforth) have 18 decimals.
References:
Impact
The impact would be quite severe as the USD price it would return would be inflated with 10 extra zeros. This can make the stablecoin lose it's peg to the dollar, thereby breaking the protocol.
Tools Used
Manual review.
Recommendations
Instead of hard-coding a general scenario assuming 8 decimals for all USD pairs, the decimal of the pricefeed can be gotten and used accordingly, OR there should be a warning stating that the contract would only work for pricefeeds with 8 decimals.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.