In getTokenAmountFromUsd and getUsdValue there is the assumption that the returned price will have 8 decimals. The current implementation assumes this in two spots:

However, there are tokens whose USD price feed does not have 8 decimals, for example AMPL / USD (feed decimals = 18).

When a price feed with decimals != 8 is set, an attacker can deposit a small amount of the asset and drain all the funds from the protocol.
Manual Review
There are a couple of recommendations.
One recommendation is to add a require in the corresponding functions of DSCEngine.sol that the feed's decimals must be equal to 8.
Another recommendation is to normalize every price feed answer to 18 decimals, but keep in mind that in the future there may be a price feed with more than 18 decimals.