DittoETH

Ditto

DeFiFoundryOracle

55,000 USDC

View results

Previous Next

Submission Details

Severity: medium

Valid

Stale price can be used to shutdown market

T1MOH

Summary

Stale price can be used to shutdown market. Price is not updated on shutdown. Usually price is updated due to activity on orderbook.
But there is no guarantees that in extreme situation when protocol's collRatio is too low, this activity in orderbook will remain. As a result collRatio will be calculated with stale price (potentially lower than current) resulting in market shutdown by mistake.

Vulnerability Details

Function _getAssetCollateralRatio() is used to calculate current collateral ratio. This function uses LibOracle.getPrice() which returns last saved price (potentially stale)

function shutdownMarket(address asset)

external

onlyValidAsset(asset)

isNotFrozen(asset)

nonReentrant

{

@> uint256 cRatio = _getAssetCollateralRatio(asset);

if (cRatio > LibAsset.minimumCR(asset)) {

revert Errors.SufficientCollateral();

} else {

/* SHUTDOWN */

}

...

}

function _getAssetCollateralRatio(address asset)

private

view

returns (uint256 cRatio)

{

STypes.Asset storage Asset = s.asset[asset];

return Asset.zethCollateral.div(LibOracle.getPrice(asset).mul(Asset.ercDebt));

}

Impact

Potentially higher than current price will be used in calculation of market collateralRatio. It can overestimate debt and shutdown market with sufficient collRatio by mistake

Tools Used

Manual Review

Recommendations

Firstly update price:

function shutdownMarket(address asset)

external

onlyValidAsset(asset)

isNotFrozen(asset)

nonReentrant

{

+ uint256 oraclePrice = LibOracle.getOraclePrice(asset);

+ asset.setPriceAndTime(oraclePrice, getOffsetTime());

uint256 cRatio = _getAssetCollateralRatio(asset);

if (cRatio > LibAsset.minimumCR(asset)) {

revert Errors.SufficientCollateral();

} else {

/* SHUTDOWN */

}

...

}

Updates

Lead Judging Commences

0xnevi Lead Judge

about 2 years ago

0xnevi Lead Judge about 2 years ago

Submission Judgement Published

Invalidated

Reason: Other

0xnevi Lead Judge

about 2 years ago

0xnevi Lead Judge about 2 years ago

Submission Judgement Published

Validated

Assigned finding tags:

finding-638

Prize pool breakdown

Total prize

55,000 USDC

nSLOC

3,365

16 USDC / LOC

High Medium

50,000 USDC

Low

5,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.