DeFiHardhat
35,000 USDC
Submission Details
Severity: low
Invalid

Protocol gives more assets than it should due to wrong price feed

Summary

When calculating the USD price of wstETH, the protocol uses the ETH/USD price feed, which is the wrong feed for this conversion.
ETH has a greater USD value than stETH.

Reference:

https://data.chain.link/feeds/ethereum/mainnet/steth-usd

https://data.chain.link/feeds/ethereum/mainnet/eth-usd

https://data.chain.link/feeds/ethereum/mainnet/steth-eth

Vulnerability Details

LibWstethUsdOracle -> getWstethUsdPrice

function getWstethUsdPrice(uint256 lookback) internal view returns (uint256) {
    return LibWstethEthOracle.getWstethEthPrice(lookback).mul(
        LibEthUsdOracle.getEthUsdPrice(lookback) // @audit uses the wrong price feed
    ).div(ORACLE_PRECISION);
}

Impact

  • The protocol will always return a wrong price, one that is greater in assets than it should be.

  • This affects every feature that uses the oracle price, such as Fertilizer, LibWell, the Sop calculation, etc.

Tools Used

Manual Review

Recommendations

The price feed used to convert the wstETH price to USD should be stETH/USD:
https://data.chain.link/feeds/ethereum/mainnet/steth-usd

  • Create a library similar to LibEthUsdOracle (or refactor it to include another function for the stETH/USD price) and then use the stETH/USD price feed.

In getWstethUsdPrice, use the new library to convert the price using the correct feed.

function getWstethUsdPrice(uint256 lookback) internal view returns (uint256) {
return LibWstethEthOracle.getWstethEthPrice(lookback).mul(
- LibEthUsdOracle.getEthUsdPrice(lookback)
+ LibStEthUsdOracle.getStEthUsdPrice(lookback)
).div(ORACLE_PRECISION);
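
Review bot: on the `+` line the units no longer cancel. Going by the function names, `getWstethEthPrice` returns wstETH priced in ETH and the removed `getEthUsdPrice` returns ETH priced in USD, so their product is wstETH in USD; multiplying the same wstETH/ETH value by a stETH/USD price instead leaves a stETH/ETH factor in the result. If a stETH/USD feed is used, the first factor should be a wstETH-to-stETH rate rather than `getWstethEthPrice`. Also confirm that the new library returns its price at the same precision as `getEthUsdPrice`, since the `ORACLE_PRECISION` divisor is unchanged, and note that `LibStEthUsdOracle` is not defined in this change.
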
Updates

Lead Judging Commences

giovannidisiena Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
Assigned finding tags:

Informational/Invalid
