The Standard

Summary

Intrinsic arbitrage between assets due to price feed deviation threshold

Vulnerability Details

Currently protocol relies on the following chainlink price feeds in order to calculate MinimumAmountOut:
ETH/USD Deviation:0.05% Heartbeat:86400s
WBTC/USD Deviation:0.05% Heartbeat:86400s
LINK/USD Deviation:0.2% Heartbeat:3600s
PAXG/USD Deviation:0.5% Heartbeat:86400s
EUR/USD Deviation:0.1% Heartbeat:3600s

When collateralValueMinusSwapValue < requiredCollateralValue, the protocol calls calculator.eurToToken() to calculate the MinimumAmountOut. The calculation method is as follows

The protocol first fetches the price tokenUsdPrice of the token, then obtains the price eurUsdPrice of EUR. The calculation is performed as follows: _eurValue * eurUsdPrice / tokenUsdPrice.
This is correct in theory, but in practice the price feeds are slightly inaccurate. Chainlink has a deviation threshold of up to 0.5% or so, which means that it will not update the price unless the true price deviates at least 0.5%. Thus the price feeds mayncrease by up to 0.5%.

Note that for a normal single asset vault the price doesn't matter; it is merely a conversion factor. But when we have multiple assets the price does matter and must be carefully chosen such that one cannot profit by swap.

If eurUsdPrice decreases by 0.1%, and tokenUsdPrice increases by 0.5%, the final calculated value will deviate from the expected result, causing the minimumAmountOut value to be smaller, creating arbitrage opportunities.

Impact

The owner is susceptible to arbitrage during exchanges

Tools Used

Vscode

Recommendations

I was thinking about utilizing multiple price oracles, which could potentially close any profitable opportunities