Submission Details
Severity: low
Invalid

Lack of Input Validation in Price Functions

Description

The price_v0, price_v1, and price_v2 functions accept an _i parameter intended to be either 0 or 1, but don't validate this assumption. If _i is greater than 1, the functions will return incorrect results.

Affected Code

https://github.com/CodeHawks-Contests/2025-03-curve/blob/198820f0c30d5080f75073243677ff716429dbfd/contracts/scrvusd/oracles/ScrvusdOracleV2.vy#L107-L143

@view
@external
def price_v0(_i: uint256 = 0) -> uint256:
    return self._price_v0() if _i == 0 else 10**36 // self._price_v0()

Vulnerability Details

The price_v0, price_v1, and price_v2 functions are designed to return either the price per share (_i = 0) or the price per asset (_i = 1). However, these functions do not validate the _i parameter, meaning that any value greater than 1 will result in incorrect calculations. For example, if _i = 2, the function will return 10**36 // self._price_v0(), which is not a valid price. This could lead to incorrect price data being returned to downstream systems that rely on the oracle, potentially causing financial losses or disruptions. While this issue is unlikely to be exploited directly, it introduces unnecessary risk and could lead to unexpected behavior in the protocol.

Tools Used

Manual Review

Recommended Mitigation Steps

Add input validation to ensure _i is either 0 or 1:

assert _i <= 1, "Invalid input: _i must be 0 or 1"

Updates
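To make the behaviour of the selector concrete, here is a Python model of the branch shown above together with the recommended guard. This is an added example, not code from the submission or from the contest repository: price_per_share is a constructed integer standing in for self._price_v0(), and the function names are hypothetical. The model tabulates which branch each value of _i reaches in the unchecked version and confirms that the guard rejects anything above 1.

```python
# Added example (hypothetical names, constructed sample values): a Python model of the
# Vyper ternary in price_v0 and of the same function with the recommended assert.


def price_v0_unchecked(price_per_share: int, _i: int = 0) -> int:
    """Mirror of the Vyper expression: the price itself for _i == 0,
    otherwise 10**36 // price (the else branch is taken for every other _i)."""
    return price_per_share if _i == 0 else 10**36 // price_per_share


def price_v0_checked(price_per_share: int, _i: int = 0) -> int:
    """Same selector with the recommended input validation added."""
    assert _i <= 1, "Invalid input: _i must be 0 or 1"
    return price_v0_unchecked(price_per_share, _i)


def selector_behaviour(price_per_share: int, max_i: int = 5) -> dict:
    """Tabulate the unchecked output for _i in 0..max_i so the reader can see
    which branch each selector value actually reaches."""
    return {i: price_v0_unchecked(price_per_share, i) for i in range(max_i + 1)}


def rejects_out_of_range(price_per_share: int, _i: int) -> bool:
    """True if the guarded version refuses the selector value (a revert on chain)."""
    try:
        price_v0_checked(price_per_share, _i)
    except AssertionError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample: a price per share of 1.05 scaled by 1e18.
    SAMPLE_PRICE = 1_050_000_000_000_000_000
    for i, value in selector_behaviour(SAMPLE_PRICE, 3).items():
        print(f"_i={i}: {value}")
    print("guard rejects _i=2:", rejects_out_of_range(SAMPLE_PRICE, 2))
```

Running the table shows the unchecked function hitting the inverse branch for every nonzero selector, while the guarded version reverts for any selector above 1, which is the observable difference the mitigation introduces for downstream callers.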

Lead Judging Commences

0xnevi Lead Judge
3 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
