DittoETH

Ditto
DeFiFoundryOracle
55,000 USDC
View results
Submission Details
Severity: low
Valid

Rounding error in `LibOracle.sol` results in rounded price

Summary

Division before multiplication is performed, therefore rounding error is at most 1 USD in ETH price. Current price of 1 ETH is 1600 USD, as a result rounding error is 1 / 1600 * 100% = 0.06%.

Vulnerability Details

Division before multiplication truncates fractional part of price. For example if 1 ETH costs 1600.8 USD, then oracle will return 1600 USD

uint256 twapPriceInEther = (twapPrice / Constants.DECIMAL_USDC) * 1 ether;

Impact

Incorrect price is returned

Tools Used

Manual Review

Recommendations

Perform division after multiplication

Updates

Lead Judging Commences

0xnevi Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

finding-535

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.