Zaros Part 2
Perpetuals DEX, Foundry, Solidity
70,000 USDC
Submission Details
Severity: high
Invalid

A malicious user can drain funds in the case of a depeg of the USDz token

Summary

When a user performs a swap, the protocol assumes that one USDz is worth exactly $1. If USDz depegs, that assumption lets a user take out more collateral value than they put in.

Vulnerability Details

When a user wants to perform a swap, they must call `initiateSwap` in the `StabilityBranch`, and then the keeper will execute the swap by calling `fulfillSwap`. The amount of USDz is then swapped for the collateral of the vaults specified by the user.

The function `getAmountOfAssetOut` is called in both `initiateSwap` and `fulfillSwap` to determine the collateral amount out:

```solidity
ctx.amountOutBeforeFeesX18 = getAmountOfAssetOut(ctx.vaultId, ud60x18(ctx.amountIn), ctx.priceX18);
```

The problem is that the function computes the output asset amount directly from the collateral's index price, which treats the USDz amount in as if it were already a USD amount (i.e. assumes one USDz is $1), as seen in line 124 of the `StabilityBranch`:

```solidity
function getAmountOfAssetOut(
    uint128 vaultId,
    UD60x18 usdAmountInX18,
    UD60x18 indexPriceX18
) public view returns (UD60x18 amountOutX18) {
    ...
    // usdAmountInX18 is the raw USDz amount; no USDz/USD conversion happens before this line
    amountOutX18 = usdAmountInX18.div(indexPriceX18).mul(premiumDiscountFactorX18);
}
```

The function divides the USDz amount by the USD price of the collateral but never applies a USDz/USD price, so it does not account for the possibility that 1 USDz is worth less than $1. In a depeg event, every USDz swapped in is credited at face value.

Impact

A user can swap depegged USDz (worth less than $1 each) for collateral valued at the full $1 per USDz, receiving more collateral value than the USDz they paid in.

Tools Used

Manual Review

Recommendations

Refactor the function to price USDz through an oracle: convert the USDz amount in to its USD value using a USDz/USD price feed before dividing by the collateral's index price, so the output amount reflects the actual market value of USDz.
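The following is an added illustration, not Zaros code, of the formula described in Vulnerability Details beside the oracle-based variant recommended above. Plain 18-decimal integer math stands in for PRBMath's `UD60x18` so the contract compiles on its own; the `IUsdzPriceFeed` interface, the `MockUsdzFeed` contract and the one-hour staleness window are assumptions made for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example (not Zaros code). 18-decimal integers replace UD60x18 so the
// contract is self-contained; the feed interface, the staleness bound and the
// mock feed below are assumptions for illustration.

interface IUsdzPriceFeed {
    /// @return priceX18 USD value of one USDz scaled by 1e18 (assumed interface)
    /// @return updatedAt timestamp of the last price update
    function latestPrice() external view returns (uint256 priceX18, uint256 updatedAt);
}

contract SwapQuoteExample {
    uint256 internal constant ONE = 1e18;
    uint256 internal constant MAX_PRICE_AGE = 1 hours; // assumed staleness bound

    IUsdzPriceFeed public immutable usdzFeed;

    constructor(IUsdzPriceFeed feed) {
        usdzFeed = feed;
    }

    /// Shape of the reported issue: every USDz is priced as exactly $1, so the
    /// quote depends only on the collateral's index price.
    function amountOutAssumingPeg(
        uint256 usdzAmountInX18,
        uint256 indexPriceX18,
        uint256 premiumDiscountFactorX18
    ) public pure returns (uint256 amountOutX18) {
        amountOutX18 = ((usdzAmountInX18 * ONE) / indexPriceX18) * premiumDiscountFactorX18 / ONE;
    }

    /// Hardened shape: convert USDz to USD through an oracle first, and refuse
    /// to quote on a zero or stale USDz price.
    function amountOutWithOracle(
        uint256 usdzAmountInX18,
        uint256 indexPriceX18,
        uint256 premiumDiscountFactorX18
    ) public view returns (uint256 amountOutX18) {
        (uint256 usdzPriceX18, uint256 updatedAt) = usdzFeed.latestPrice();
        require(usdzPriceX18 > 0, "USDz price unavailable");
        require(block.timestamp - updatedAt <= MAX_PRICE_AGE, "USDz price stale");

        // USDz amount -> USD value, then USD value -> collateral units
        uint256 usdValueInX18 = (usdzAmountInX18 * usdzPriceX18) / ONE;
        amountOutX18 = ((usdValueInX18 * ONE) / indexPriceX18) * premiumDiscountFactorX18 / ONE;
    }
}

/// Mock feed for a local Foundry run; call set(0.9e18) to simulate a depeg.
contract MockUsdzFeed is IUsdzPriceFeed {
    uint256 public priceX18;
    uint256 public updatedAt;

    function set(uint256 newPriceX18) external {
        priceX18 = newPriceX18;
        updatedAt = block.timestamp;
    }

    function latestPrice() external view returns (uint256, uint256) {
        return (priceX18, updatedAt);
    }
}
```

With the mock feed set to `0.9e18`, an input of `1000e18` USDz, an index price of `2000e18` and a factor of `1e18`, `amountOutAssumingPeg` returns `0.5e18` collateral units (worth $1,000 at the index price) for USDz worth only $900, while `amountOutWithOracle` returns `0.45e18` units (worth $900). The staleness check matters because a depeg is exactly the moment a stale feed would still report $1.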

Updates

Lead Judging Commences

inallhonesty Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Design choice

Appeal created

0xphantom Submitter 10 months ago
inallhonesty Lead Judge 10 months ago
inallhonesty Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Design choice
