Submission Details
Severity: medium
Valid

Protocol assumes feed decimals is 8 in all cases

Summary

The protocol assumes the feed decimals are 8 in all cases.

Vulnerability Details

Not every token's price feed has 8 decimals, so keeping ADDITIONAL_FEED_PRECISION immutable and always equal to 1e10 is not correct in every case.

    function getTokenAmountFromUsd(address token, uint256 usdAmountInWei) public view returns (uint256) {
        AggregatorV3Interface priceFeed = AggregatorV3Interface(s_priceFeeds[token]);
        (, int256 price,,,) = priceFeed.staleCheckLatestRoundData();
        // ($10e18 * 1e18) / ($2000e8 * 1e10)
        return (usdAmountInWei * PRECISION) / (uint256(price) * ADDITIONAL_FEED_PRECISION);
    }

    function getUsdValue(address token, uint256 amount) public view returns (uint256) {
        AggregatorV3Interface priceFeed = AggregatorV3Interface(s_priceFeeds[token]);
        (, int256 price,,,) = priceFeed.staleCheckLatestRoundData();
        return ((uint256(price) * ADDITIONAL_FEED_PRECISION) * amount) / PRECISION;
    }

Impact

As a result, the value of any token whose feed decimals are not equal to 8 is calculated incorrectly.
For example:

  • If a token X has feed decimals equal to 18, the value of the token is calculated as 1e10 times bigger than its expected value

  • If a token Y has feed decimals equal to 2, the value of the token is calculated as 1e6 times smaller than its expected value

Because of this, users can mint more DSC tokens than expected.

Tools Used

VSCode

Recommendations

Get the decimals from the Chainlink feed for each token and use them to calculate ADDITIONAL_FEED_PRECISION.
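
One way to apply this recommendation, shown as an added example and not the project's own code: the price is scaled to 18 decimals from the feed's own decimals() instead of a fixed 1e10. The contract name, the inline IPriceFeed interface, the constructor, the BadPrice error and the use of latestRoundData() in place of the page's staleCheckLatestRoundData() are assumptions; token amounts are assumed to have 18 decimals, as in the snippet above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

// Subset of Chainlink's AggregatorV3Interface, declared inline so the file compiles alone.
interface IPriceFeed {
    function decimals() external view returns (uint8);
    function latestRoundData()
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

// Hypothetical contract; mapping and function names follow the snippet on this page.
contract DecimalsAwarePricing {
    uint256 private constant PRECISION = 1e18;
    uint256 private constant TARGET_DECIMALS = 18;

    mapping(address => address) private s_priceFeeds;

    error BadPrice();

    constructor(address[] memory tokens, address[] memory feeds) {
        require(tokens.length == feeds.length, "length mismatch");
        for (uint256 i = 0; i < tokens.length; i++) {
            s_priceFeeds[tokens[i]] = feeds[i];
        }
    }

    // Returns the feed price scaled to 18 decimals, whatever precision the feed reports.
    function _priceIn18Decimals(address token) private view returns (uint256) {
        IPriceFeed feed = IPriceFeed(s_priceFeeds[token]);
        (, int256 price,,,) = feed.latestRoundData(); // assumption: staleness check omitted here
        if (price <= 0) revert BadPrice();
        uint256 feedDecimals = uint256(feed.decimals());
        if (feedDecimals <= TARGET_DECIMALS) {
            return uint256(price) * 10 ** (TARGET_DECIMALS - feedDecimals); // 8 decimals -> * 1e10
        }
        return uint256(price) / 10 ** (feedDecimals - TARGET_DECIMALS); // feeds above 18 decimals
    }

    function getUsdValue(address token, uint256 amount) public view returns (uint256) {
        return (_priceIn18Decimals(token) * amount) / PRECISION;
    }

    function getTokenAmountFromUsd(address token, uint256 usdAmountInWei) public view returns (uint256) {
        return (usdAmountInWei * PRECISION) / _priceIn18Decimals(token);
    }
}
```

For an 8-decimal feed the scaling factor is still 1e10, so existing results are unchanged; only feeds with other precisions are affected.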
