Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: high
Valid

In Governance :: getExchangeRate(), the implementation that was supposed to return exchange rate is commented out leading to returning only 1e18 as exchange rate

[M-3] In Governance :: getExchangeRate(), the implementation that was supposed to return exchange rate is commented out leading to returning only 1e18 as exchange rate

Vulnerability details
In Governance :: getExchangeRate(), the implementation that was supposed to return the exchange rate is commented out.

As a result, getExchangeRate() now only returns 1e18:

// @audit this does not return current exchange rate
function getExchangeRate() public view returns (uint256) {
    // uint256 totalDeCRVUSD = deToken.totalSupply();
    // uint256 totalRcrvUSD = rToken.balanceOf(address(this));
    // if (totalDeCRVUSD == 0 || totalRcrvUSD == 0) return 10**18;
    // uint256 scalingFactor = 10**(18 + deTokenDecimals - rTokenDecimals);
    // return (totalRcrvUSD * scalingFactor) / totalDeCRVUSD;
    return 1e18;
}

Impact:
This leads to incorrect calculations in calculateDeCRVUSDAmount, etc.

Recommended Mitigation:
Kindly uncomment the commented-out implementation in getExchangeRate().
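
The following regression check is an added example, not part of the submission or the project's code. It transcribes the commented-out formula with BigInt, measures how far the hardcoded 1e18 drifts from it, and flags a rate function that ignores pool state; the function names, the `pool` helper and all balances are assumptions constructed for illustration.

```javascript
// Added example; all pool balances below are constructed, not on-chain data.
const WAD = 10n ** 18n;

// The function as shipped: returns 1e18 whatever the pool holds.
function hardcodedRate(_pool) {
  return WAD;
}

// The commented-out body from the finding, transcribed with BigInt so that
// division truncates like Solidity's uint256 division.
function computedRate({ totalDeCRVUSD, totalRcrvUSD, deTokenDecimals, rTokenDecimals }) {
  if (totalDeCRVUSD === 0n || totalRcrvUSD === 0n) return WAD;
  const scalingFactor = 10n ** (18n + deTokenDecimals - rTokenDecimals);
  return (totalRcrvUSD * scalingFactor) / totalDeCRVUSD;
}

// How far the shipped 1e18 is from the computed rate, in basis points.
function deviationBps(pool) {
  const real = computedRate(pool);
  const diff = real > WAD ? real - WAD : WAD - real;
  return (diff * 10000n) / real;
}

// Regression check: a rate that is identical across pools with different
// backing ratios does not depend on state, i.e. it is a stub.
function isStateIndependent(rateFn, pools) {
  return new Set(pools.map((p) => rateFn(p).toString())).size === 1;
}

// Hypothetical helper building a pool snapshot (whole-token amounts in).
function pool(deTokens, rTokens, deDec = 18n, rDec = 18n) {
  return {
    totalDeCRVUSD: deTokens * 10n ** deDec,
    totalRcrvUSD: rTokens * 10n ** rDec,
    deTokenDecimals: deDec,
    rTokenDecimals: rDec,
  };
}

const POOLS = [pool(1000n, 1000n), pool(1000n, 1100n), pool(1000n, 800n), pool(1000n, 1100n, 18n, 6n)];

for (const p of POOLS) {
  console.log(`computed=${computedRate(p)} shipped=${hardcodedRate(p)} off by ${deviationBps(p)} bps`);
}
console.log("shipped rate is a stub:", isStateIndependent(hardcodedRate, POOLS));
console.log("computed rate is a stub:", isStateIndependent(computedRate, POOLS));
```

The same state-independence assertion can be ported to a Hardhat test against the deployed contract so that a stubbed rate fails CI before release.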

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Validated
Assigned finding tags:

StabilityPool::getExchangeRate hardcodes 1:1 ratio instead of calculating real rate, enabling unlimited deToken minting against limited reserves

