Mitigation Confirmed for H-04

[code423n4]

Mitigation of H-04: Issue mitigated, see comments

Link to Issue: https://github.com/code-423n4/2023-03-asymmetry-findings/issues/641

Comments

The original issue describes an error in the calculation of ethPerDerivative() for the SfrxEth derivative. The fix described in the report for H-04 is straightforward, however the protocol team decided to change the whole implementation of this function in favor of using Chainlink, probably linked to issue H-08 which describes oracle price manipulation attacks.

While technically the issue described in H-04 is mitigated, as the whole code was replaced, the mitigation introduces a new issue related to the 1:1 frxETH assumption, which is described in a separate report [adriro-NEW-H-01].

[elmutt]

thanks

[c4-judge]

Picodes marked the issue as satisfactory