First Flight #21: KittyFi

Submission Details
Severity: high
Valid

Incorrect Collateral Value in Euros in KittyVault::getUserVaultMeowllateralInEuros

Summary

The function KittyVault::getUserVaultMeowllateralInEuros returns an incorrect value for the user's collateral in euros due to errors in the calculation involving price feeds and precision handling.

Vulnerability Details

The function getUserVaultMeowllateralInEuros is responsible for converting a user's collateral value from its native currency to euros. However, the calculation incorrectly handles the precision of the price feed data, leading to an inaccurate euro value for the user's collateral.

The problematic code is as follows:

    function getUserVaultMeowllateralInEuros(address _user) external view returns (uint256) {
        (, int256 collateralToUsdPrice, , , ) = i_priceFeed.latestRoundData();
        (, int256 euroPriceFeedAns, , ,) = i_euroPriceFeed.latestRoundData();
    @>  uint256 collateralAns = getUserMeowllateral(_user).mulDiv(uint256(collateralToUsdPrice) * EXTRA_DECIMALS, PRECISION);
    @>  return collateralAns.mulDiv(uint256(euroPriceFeedAns) * EXTRA_DECIMALS, PRECISION);
    }

PoC

Add the following to KittyFiTest.t.sol test file:

    function test_userCollateralInEuros() public userDepositsCollateral {
        // Value reported by the vault
        uint256 userCollateral = wethVault.getUserVaultMeowllateralInEuros(user);
        (, int256 usd,,,) = i_priceFeed.latestRoundData(); // ETH/USD
        (, int256 eur,,,) = i_euroPriceFeed.latestRoundData(); // USD/EUR
        uint256 usd_uint = uint256(usd);
        uint256 eur_uint = uint256(eur);
        // Reference value recomputed in the test from the same feeds
        uint256 realUserCollateral = ((wethVault.getUserMeowllateral(user) * usd_uint * 1e10 / 1e18) * eur_uint * 1e10 / 1e18)/1e18;
        console.log("USD price feed:", usd);
        console.log("EUR price feed:", eur);
        console.log("userCollateral", userCollateral);
        console.log("RealUserCollateral:", realUserCollateral);
        assert(userCollateral >= realUserCollateral * 1e18);
    }

Impact

  • Incorrect Financial Calculations: The incorrect collateral value in euros could lead to erroneous financial decisions, affecting the accuracy of transactions, risk assessments, and liquidation processes.

  • Potential Under/Overestimation: Users may either be under-credited or over-credited for their collateral, leading to imbalances in the system and possible financial losses.

Tools Used

  • Manual review

  • Foundry (Testing Framework)

Recommendations

  • Correct Precision Handling: Adjust the calculation to properly handle the precision of price feed values, ensuring accurate conversion from the user's native collateral to euros.

Updates

Lead Judging Commences

shikhar229169 Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

`getUserVaultMeowllateralInEuros` doesn't consider the collateral decimals, instead uses constant precision which works only for 18 decimals
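The effect named in the finding tag can be checked with a small integer model of the function's arithmetic. This is an added example, not code from the submission, the judge or the KittyFi project; it assumes `EXTRA_DECIMALS = 1e10` and `PRECISION = 1e18` (the literals used in the PoC), 8-decimal feed answers, and constructed prices and token amounts. `euros_decimal_aware` is a hypothetical correction shown for comparison only.

```python
# Integer model of the Solidity math quoted above (uint256 floor division).
# Assumed constants, taken from the 1e10 / 1e18 literals in the PoC.
EXTRA_DECIMALS = 10**10   # lifts an 8-decimal feed answer to 18 decimals
PRECISION = 10**18        # 18-decimal fixed-point base
TARGET_DECIMALS = 18


def mul_div(a: int, b: int, d: int) -> int:
    """floor(a * b / d), the rounding behaviour of mulDiv."""
    return a * b // d


def euros_as_on_page(amount: int, usd_price: int, eur_price: int) -> int:
    """Same two mulDiv steps as getUserVaultMeowllateralInEuros."""
    usd_value = mul_div(amount, usd_price * EXTRA_DECIMALS, PRECISION)
    return mul_div(usd_value, eur_price * EXTRA_DECIMALS, PRECISION)


def normalise(amount: int, token_decimals: int) -> int:
    """Rescale a raw token amount to 18 decimals (hypothetical helper)."""
    if token_decimals <= TARGET_DECIMALS:
        return amount * 10 ** (TARGET_DECIMALS - token_decimals)
    return amount // 10 ** (token_decimals - TARGET_DECIMALS)


def euros_decimal_aware(amount: int, token_decimals: int,
                        usd_price: int, eur_price: int) -> int:
    """Hypothetical fix: normalise the amount first, then reuse the same math."""
    return euros_as_on_page(normalise(amount, token_decimals), usd_price, eur_price)


# Constructed sample inputs (not real market data).
EUR_FEED = 90_000_000                 # 0.9 with 8 decimals
WETH_PRICE = 2_000 * 10**8            # 18-decimal collateral
TOKEN8_PRICE = 60_000 * 10**8         # constructed 8-decimal collateral

if __name__ == "__main__":
    one_weth, one_token8 = 10**18, 10**8
    print("18-dec, page math :", euros_as_on_page(one_weth, WETH_PRICE, EUR_FEED))
    print(" 8-dec, page math :", euros_as_on_page(one_token8, TOKEN8_PRICE, EUR_FEED))
    print(" 8-dec, normalised:", euros_decimal_aware(one_token8, 8, TOKEN8_PRICE, EUR_FEED))
```

For the 8-decimal token the page's math returns a value 1e10 times smaller than the normalised one, while 18-decimal collateral is unaffected.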
