In case of Depeg event return value from ` balanceDeployed()` is incorrect
Summary
Vulnerability Details
As off my understanding whole Use case of this codebase is
The keeper's actions exploit the price discrepancy between alETH and WETH:
Claiming WETH at the peg value (1:1 ratio).
Buying back alETH at a discount during the depeg event.
The profit comes from the premium (difference in alETH price), which is effectively arbitraged.
So may be in sometime (depeg time) both alETH and WETH will not be 1:1, one will be smaller than other
But in below function its adding both type of assets and return result as they both always be 1:1 , So in Depeg situation like above function will return wrong output amount.
https://github.com/Cyfrin/2024-12-alchemix/blob/main/src/StrategyArb.sol#L122-L124
Impact
Tools Used
Manual review
Recommendations
Possible solution is that function only return in One typr asset
I mean it will return output in Either in WETHform or in alETHform
alETH will be suit us more and justify function name
so first function should add both UnexchangedBalance and alETH balnce of this contract
then fetch claimable balance(weth from Transmuter) and add with any weth present in that contract
then called any Dex to fetch current price of weth in term of alETH (Its not swap just a view call to know current price action)
then finally add this with previous sumed alETH balnce and return that.
Appeal created
balanceDeployed() and _harvestAndReport() add WETH and alETH, but they have different prices
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.