StabilityPool miscalculation of flexible decimals feature
Summary
StabilityPool.sol contract allows to set another decimals for tokens (DeCRVUSD and RcrvUSD). But calculateRcrvUSDAmount() calculate it wrongly in case of different decimals between them (let's, 18 and 6)
Vulnerability Details
Function calculateRcrvUSDAmount() looks like this :
To illustrate the point let consider following example :
Rtoken decimals = 6;
Dtoken decimals = 18;
Now scalingFactor = 10e6
But this return (deCRVUSDAmount * getExchangeRate()) / scalingFactor; returns 1e30 precision (when it should 18)
Impact
miscalculation of protocol reserves if flexible token decimals feature applied
Tools Used
Manual review
Recommendations
calculate it same way as you do in calculateDeCRVUSDAmount()
Lead Judging Commences
Incorrect scaling factor formula in StabilityPool::calculateRcrvUSDAmount function
Both tokens have 18 decimals. Info
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.