15,000 USDC
Submission Details
Severity: low
Valid

Use `a/b/c` instead of `a/(b*c)` to decrease arithmetic overflow probability.

Summary

`getTokenAmountFromUsd()` returns `(usdAmountInWei * PRECISION) / (uint256(price) * ADDITIONAL_FEED_PRECISION);`. Because checked arithmetic reverts on overflow, the call reverts whenever the intermediate product `uint256(price) * ADDITIONAL_FEED_PRECISION` exceeds `type(uint256).max`.

Vulnerability Details

Chainlink TOKEN/USD price feeds report 8 decimals, and `ADDITIONAL_FEED_PRECISION` is `1e10` (it lifts the 8-decimal feed answer to 18 decimals). `uint256(price) * ADDITIONAL_FEED_PRECISION` therefore exceeds `type(uint256).max` and reverts once the dollar price of TOKEN is more than `type(uint256).max / 1e18`, i.e. 115792089237316195423570985008687907853269984665640564039457 USD.

To avoid this overflow, divide twice instead of multiplying the divisors: `(usdAmountInWei * PRECISION) / uint256(price) / ADDITIONAL_FEED_PRECISION;`. For non-negative integers `a / b / c` equals `a / (b * c)` under floor division, so the returned value is identical and no precision is lost; the only change is that the large product is never formed.

Impact

With the current expression, a sufficiently large USD price of a token makes the denominator multiplication overflow, so `getTokenAmountFromUsd()` always reverts for that token. Liquidations depend on this function, so all liquidation attempts involving that token would be blocked.

Tools Used

Manual review

Recommendations

  • Use syntax: `(usdAmountInWei * PRECISION) / uint256(price) / ADDITIONAL_FEED_PRECISION;`. For non-negative integers `a / b / c` equals `a / (b * c)`, so the result is unchanged.

  • OR, `return 0;` when `price` exceeds the threshold.
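The following is an added example, not code from the submitted report or from the engine under review. It models Solidity 0.8 checked `uint256` arithmetic in Python so that the overflow threshold from the Vulnerability Details section and the `a / b / c` rewrite from the Recommendations can be checked offline. It assumes `PRECISION = 1e18`, `ADDITIONAL_FEED_PRECISION = 1e10` and an 8-decimal Chainlink USD feed; the function names `token_amount_original`, `token_amount_proposed`, `max_safe_feed_price` and `max_safe_usd_price` are hypothetical and exist only in this model.

```python
# Added example (not part of the submitted report): a model of Solidity 0.8
# checked uint256 arithmetic, used to reproduce the overflow threshold and to
# compare the original a/(b*c) expression with the proposed a/b/c form.
# Constant values are assumptions about the engine under review.

UINT256_MAX = 2**256 - 1
PRECISION = 10**18                  # assumed: 18-decimal fixed point
ADDITIONAL_FEED_PRECISION = 10**10  # assumed: lifts an 8-decimal feed answer to 18 decimals
FEED_DECIMALS = 8                   # Chainlink TOKEN/USD feeds report 8 decimals


class Overflow(Exception):
    """Stands in for the Panic(0x11) revert raised by checked arithmetic."""


def mul(a: int, b: int) -> int:
    """uint256 multiplication that reverts (raises) on overflow."""
    r = a * b
    if r > UINT256_MAX:
        raise Overflow(f"{a} * {b} exceeds type(uint256).max")
    return r


def div(a: int, b: int) -> int:
    """uint256 division: floors the result, reverts on a zero divisor."""
    if b == 0:
        raise ZeroDivisionError("division by zero")
    return a // b


def token_amount_original(usd_amount_in_wei: int, price: int) -> int:
    """Expression as reported: (usd * PRECISION) / (price * ADDITIONAL_FEED_PRECISION)."""
    return div(mul(usd_amount_in_wei, PRECISION),
               mul(price, ADDITIONAL_FEED_PRECISION))


def token_amount_proposed(usd_amount_in_wei: int, price: int) -> int:
    """Recommended form: (usd * PRECISION) / price / ADDITIONAL_FEED_PRECISION."""
    return div(div(mul(usd_amount_in_wei, PRECISION), price),
               ADDITIONAL_FEED_PRECISION)


def max_safe_feed_price() -> int:
    """Largest feed answer (8-decimal units) whose product with
    ADDITIONAL_FEED_PRECISION still fits in uint256."""
    return UINT256_MAX // ADDITIONAL_FEED_PRECISION


def max_safe_usd_price() -> int:
    """The same bound in whole dollars (the figure quoted in the report)."""
    return max_safe_feed_price() // 10**FEED_DECIMALS


def identity_holds(a: int, b: int, c: int) -> bool:
    """Floor division is nested-associative for positive integers:
    a // b // c == a // (b * c), which is why the rewrite changes no result."""
    return div(div(a, b), c) == div(a, b * c)


def reverts(fn, *args) -> bool:
    """True if the modelled call would revert with an arithmetic overflow."""
    try:
        fn(*args)
        return False
    except Overflow:
        return True


if __name__ == "__main__":
    # Constructed inputs: 2000 USD worth of a token quoted at $2000.00000000
    usd, price = 2000 * 10**18, 2000 * 10**8
    print(token_amount_original(usd, price))  # 1 token, in wei
    print(token_amount_proposed(usd, price))  # identical result
    print(max_safe_usd_price())
    # First feed answer past the threshold: original reverts, proposed does not
    p = max_safe_feed_price() + 1
    print(reverts(token_amount_original, 10**18, p),
          reverts(token_amount_proposed, 10**18, p))
```

Running the model confirms the threshold quoted above and that both expressions agree for every in-range input. One caveat the report does not cover: the rewrite only removes the denominator product; the numerator `usdAmountInWei * PRECISION` is still a checked multiplication, so the model's `token_amount_proposed` also reverts once `usdAmountInWei` exceeds `type(uint256).max / PRECISION`.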
