First Flight #21: KittyFi

First Flight #21

Beginner FriendlyDeFiFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: high

Valid

Collateral Value Assumption in `getTotalMeowllateralInAave` Function

brene

Summary

The getTotalMeowllateralInAave function assumes that the value returned by Aave, totalCollateralBase is in the same units as the collateral token. This assumption might not always hold true, depending on the Aave implementation, and can lead to incorrect calculations of the total collateral.

Vulnerability Details

The getTotalMeowllateralInAave function retrieves the total collateral from Aave and converts it to the same units as the collateral token using a price feed.

function getTotalMeowllateralInAave() public view returns (uint256) {

>> (uint256 totalCollateralBase, , , , , ) = i_aavePool.getUserAccountData(address(this));

(, int256 collateralToUsdPrice, , , ) = i_priceFeed.latestRoundData();

return totalCollateralBase.mulDiv(PRECISION, uint256(collateralToUsdPrice) * EXTRA_DECIMALS);

}

The function assumes that totalCollateralBase is in the same units as the collateral token. If Aave returns values in a different scale (e.g., 6 decimals instead of 18 decimals), the calculations will be incorrect.

Impact

If the units of totalCollateralBase are not consistent with the collateral token, the total collateral value will be miscalculated leading to financial discrepancies, affecting the fairness and accuracy of collateral management. Users might lose trust in the contract's reliability and accuracy if collateral values are incorrectly calculated.

Tools Used

Manual Review

Recommendation

Verify the units of totalCollateralBase and adjust them to match the units of the collateral token if necessary.

(uint256 totalCollateralBase, , , , , ) = i_aavePool.getUserAccountData(address(this));

// Assuming totalCollateralBase is in 6 decimals and collateral token is in 18 decimals

uint256 adjustedCollateralBase = totalCollateralBase * 1e12; // Convert to 18 decimals

(, int256 collateralToUsdPrice, , , ) = i_priceFeed.latestRoundData();

require(collateralToUsdPrice > 0, "Invalid collateral price feed data");

return adjustedCollateralBase.mulDiv(PRECISION, uint256(collateralToUsdPrice) * EXTRA_DECIMALS);

Updates

Lead Judging Commences

shikhar229169 Lead Judge

about 1 year ago

shikhar229169 Lead Judge about 1 year ago

Submission Judgement Published

Validated

Assigned finding tags:

`getTotalMeowllateralInAave` always returns price in 8 decimals for every collateral token

Rewards breakdown

nSLOC

224

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.