The issue was that Reth.poolPrice(), which calculated the rETH price in Uniswap V3, may revert due to an arithmetical overflow.
Mitigation review
The use of Uniswap V3 has been replaced by Balancer, and poolPrice() has been replaced by a Chainlink price feed. Therefore the entire Reth.poolPrice() function has been removed, so this issue is moot.
Mitigation error: No sanity check on Chainlink response
There are no sanity checks on the Chainlink price feed return data, especially that it is not stale. Here is an overview on this matter.
See the error report on this titled "[H-02, H-05, H-06, H-08] mitigation error: No sanity check on Chainlink price feed".
Mitigated issue
H-05: Reth poolPrice calculation may overflow.
The issue was that
Reth.poolPrice()
, which calculated the rETH price in Uniswap V3, may revert due to an arithmetical overflow.Mitigation review
The use of Uniswap V3 has been replaced by Balancer, and
poolPrice()
has been replaced by a Chainlink price feed. Therefore the entireReth.poolPrice()
function has been removed, so this issue is moot.Mitigation error: No sanity check on Chainlink response
There are no sanity checks on the Chainlink price feed return data, especially that it is not stale. Here is an overview on this matter. See the error report on this titled "[H-02, H-05, H-06, H-08] mitigation error: No sanity check on Chainlink price feed".