The `mintFertilizer` function in the FertilizerFacet contract allows users to purchase Fertilizer from the Barn Raise using the Barn Raise token. It calculates the amount of Fertilizer to mint using an internal function `_getMintFertilizerOut`, which divides the input token amount by the USD price of the Barn Raise token obtained from an Oracle. However, there is a potential issue where the Oracle function can return zero, leading to a division by zero error.
The Oracle can return 0 in these two cases:
if `ethUsdPrice == 0`, the Oracle returns 0;
also, if `wstethUsdPrice == 0`, it returns 0.
If the Oracle function returns zero for the USD price of the Barn Raise token, the `_getMintFertilizerOut` function will attempt to divide by zero, causing a runtime error. This can result in the failure of the `mintFertilizer` function and potentially disrupt the purchasing process for Fertilizer.
It is recommended to add a check within the `_getMintFertilizerOut` function to validate the USD price obtained from the Oracle before performing the division operation. This check should ensure that the USD price is non-zero to prevent a division by zero error. Here's an example of how the check can be implemented:
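One way to write this check, as an added example that is not the submitter's or the project's own code. Only `_getMintFertilizerOut` is named on the page; the `IUsdOracle` interface, the `MockOracle` helper, the contract and error names, and the Solidity 0.8 pragma are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20; // assumed compiler version for this sketch

// Hypothetical oracle interface: returns the token's USD price, or 0 when
// an underlying feed (e.g. ethUsdPrice or wstethUsdPrice) is unavailable.
interface IUsdOracle {
    function getUsdPrice(address token) external view returns (uint256);
}

// Constructed test double: lets a test force the zero-price case.
contract MockOracle is IUsdOracle {
    uint256 public price;

    function setPrice(uint256 newPrice) external {
        price = newPrice;
    }

    function getUsdPrice(address) external view returns (uint256) {
        return price;
    }
}

contract FertilizerMintSketch {
    IUsdOracle public immutable oracle;
    address public immutable barnRaiseToken;

    error OracleReturnedZeroPrice(address token);

    constructor(IUsdOracle oracle_, address barnRaiseToken_) {
        oracle = oracle_;
        barnRaiseToken = barnRaiseToken_;
    }

    // Same calculation the finding describes: token amount / USD price.
    function _getMintFertilizerOut(uint256 tokenAmountIn)
        internal view returns (uint256 fertilizerAmountOut)
    {
        uint256 usdPrice = oracle.getUsdPrice(barnRaiseToken);
        // Reject an unusable price with a named error before dividing,
        // instead of letting the division itself fail.
        if (usdPrice == 0) revert OracleReturnedZeroPrice(barnRaiseToken);
        fertilizerAmountOut = tokenAmountIn / usdPrice;
    }

    // External wrapper so a test can exercise the internal function.
    function previewMint(uint256 tokenAmountIn) external view returns (uint256) {
        return _getMintFertilizerOut(tokenAmountIn);
    }
}
```

With `MockOracle.setPrice(0)`, `previewMint` reverts with `OracleReturnedZeroPrice`; with any non-zero price it returns the quotient.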
With this check in place, the `_getMintFertilizerOut` function will ensure that the USD price obtained from the Oracle is valid before proceeding with the division operation, thereby preventing potential division by zero errors.