Core Contracts

Finding Description and Impact

The _totalValue variable in the Treasury contract assumes that all tokens have equal value, which is fundamentally inaccurate. This assumption can lead to a significant misrepresentation of the treasury's actual worth.

The root cause of this issue is the simplistic approach of summing up token balances without considering the actual market value of each token. This approach fails to account for the varying valuations of different tokens, leading to an inaccurate representation of the treasury's total value.

Proof of Concept

Code References:

• _totalValue Declaration and Usage:

  uint256 private _totalValue; // Total value across all tokens

• deposit Function:

  function deposit(address token, uint256 amount) external override nonReentrant {

  // ...

  _balances[token] += amount;

  _totalValue += amount; // Inaccurate addition to _totalValue

  // ...

  }

• withdraw Function:

  function withdraw(address token, uint256 amount, address recipient) external override nonReentrant onlyRole(MANAGER_ROLE) {

  // ...

  _balances[token] -= amount;

  _totalValue -= amount; // Inaccurate subtraction from _totalValue

  // ...

  }

Recommended Mitigation Steps

Option 1: Implement a Price Oracle

• Description: Integrate a price oracle to determine the value of each token in a default currency (e.g., USD) and update _totalValue accordingly.

• Pros: Provides a more accurate representation of the treasury's total value.

• Cons:

  • High gas costs due to frequent storage updates, especially for volatile tokens.

  • Complexity in integrating and maintaining the oracle.

• Implementation:

  solidity

  Copy

  function updateTotalValue(address token, uint256 amount) internal {

  uint256 tokenValue = priceOracle.getTokenValue(token, amount);

  _totalValue += tokenValue;

  }

Option 2: Remove _totalValue Variable

• Description: Remove the _totalValue variable entirely and rely on external tools or contracts to calculate the treasury's total value when needed.

• Pros:

  • Reduces gas costs by eliminating unnecessary storage operations.

  • Simplifies the contract logic.

• Cons:

  • Requires external tools or contracts to calculate the total value, which may introduce additional complexity off-chain.

• Implementation:

  solidity

  Copy

  // Remove _totalValue and related logic

Recommendation:

Given the trade-offs, Option 2 (Removing _totalValue) is recommended. This approach reduces gas costs and simplifies the contract, while still allowing for accurate valuation through external tools or contracts.