When oracleImpl.encodeType == bytes1(0x02)
it means that token's price is retrieved in 2 steps: firstly using Uniswap pool against USDT or USDC, and secondly pricing USDT or USDC against USD.
Problem is that incorrect parameters are passed to function to retrieve price from Uniswap pool.
Let's take a look on what LibUniswapOracle.getTwap()
does. It returns how much token2
needed to buy amount oneToken
of token1
:
So to price Token/USDC we should submit Token as token1
and USDC as token2
.
However now in LibUsdOracle.getTokenPriceFromExternal()
it submits parameters in the wrong order:
Incorrect token price is returned.
Manual Review
Change the order of tokens:
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.