Summary

The contract assumes that all token prices will have 8 decimals in their USD value representation. This assumption is not guaranteed, especially if different tokens with varying decimal precision are introduced into the contract.

Vulnerability Details

The contract currently allows the use of WETH/WBTC deposits to mint a stablecoin. While it is intended to accept any token that has a Chainlink price feed, the contract's calculations are based on the assumption that the prices from the Chainlink pair of {Token}/USD always have 8 decimals. However, this is not always the case, and some tokens, such as AMPL, have 18 decimals in their USD price representation, as observed in this contract address. See here

Impact

Incorrect calculations due to varying decimal precisions can lead to miscalculations in token amounts, resulting in financial losses for users and potential instability in the stablecoin's value.

Tools Used

VSCode

Recommendations

It is recommended to update the contract's code to handle token prices with varying decimal precisions correctly.
Or Simply Update the contract's documentation to indicate the supported decimal precision for token prices.