Beanstalk Part 2

Summary

https://github.com/Cyfrin/2024-04-beanstalk-2/blob/27ff8c87c9164c1fbff054be5f22e56f86cdf127/protocol/contracts/libraries/Minting/LibWellMinting.sol#L79C5-L94C6
If the oracle for a well is not initialized (lastSnapshot.length == 0), the function calls initializeOracle(well) but does not set or return any deltaB value after initialization. This means deltaB remains uninitialized and will likely be zero (the default value for uninitialized int256 in Solidity), which might not be the intended behavior after initializing a new oracle.

Vulnerability Details

https://github.com/Cyfrin/2024-04-beanstalk-2/blob/27ff8c87c9164c1fbff054be5f22e56f86cdf127/protocol/contracts/libraries/Minting/LibWellMinting.sol#L79C5-L94C6
If the oracle for a well is not initialized (lastSnapshot.length == 0), the function calls initializeOracle(well) but does not set or return any deltaB value after initialization. This means deltaB remains uninitialized and will likely be zero (the default value for uninitialized int256 in Solidity), which might not be the intended behavior after initializing a new oracle.

Impact

The primary purpose of the capture function is to ensure that the oracle data for a well is up-to-date, reflecting the latest changes in the well's state or initializing it if it's the first time. The deltaB variable is expected to represent the time-weighted average delta B since the last update. If deltaB is not updated after initializing the oracle, it fails to reflect any initial state or changes, leading to potentially incorrect oracle data being reported or used in subsequent calculations or decisions within the protocol.

Tools Used

Manual Review

Recommendations

Return a calculated deltaB upon initialization