Submission Details
Severity:
When the difference between the Chainlink price and the Uniswap price is too large, the wsteth/eth price is set to 0
Summary
When the difference between the Chainlink price and the Uniswap price is too large, the wsteth/eth price is set to 0
Vulnerability Details
if (LibOracleHelpers.getPercentDifference(chainlinkPrice, uniswapPrice) < MAX_DIFFERENCE) {
wstethEthPrice = chainlinkPrice.add(uniswapPrice).div(AVERAGE_DENOMINATOR);
if (wstethEthPrice > stethPerWsteth) wstethEthPrice = stethPerWsteth;
wstethEthPrice = wstethEthPrice.div(PRECISION_DENOMINATOR);
}
From above code, we can see when the difference between the Chainlink price and the Uniswap price is less than MAX_DIFFERENCE, wstethEthPrice will have a value. But if the difference is too large (1%), wstethEthPrice will get 0 as default.
Impact
The wstethEthPrice will be 0 if the difference between the Chainlink price and the Uniswap price is too large.
Tools Used
manual
Recommendations
Add revert.
if (LibOracleHelpers.getPercentDifference(chainlinkPrice, uniswapPrice) < MAX_DIFFERENCE) {
wstethEthPrice = chainlinkPrice.add(uniswapPrice).div(AVERAGE_DENOMINATOR);
if (wstethEthPrice > stethPerWsteth) wstethEthPrice = stethPerWsteth;
wstethEthPrice = wstethEthPrice.div(PRECISION_DENOMINATOR);
} else {
revert;
}
Updates
Lead Judging Commences
giovannidisiena over 1 year ago
Submission Judgement Published Assigned finding tags:
wstETH:ETH price max difference
Prize pool breakdown
Total prize
35,000 USDC
nSLOC
1,99118 USDC / LOC
30,000 USDC
1,500 USDC
3,500 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.