search

code-423n4 / 2023-05-asymmetry-mitigation-findings

2 stars 2 forks source link

Mitigation Confirmed for Mitigation of H-05: Issue mitigated with error #33

Open code423n4 opened 1 year ago

code423n4 commented 1 year ago

Mitigated issue

H-05: Reth poolPrice calculation may overflow.

The issue was that Reth.poolPrice(), which calculated the rETH price in Uniswap V3, may revert due to an arithmetical overflow.

Mitigation review

The use of Uniswap V3 has been replaced by Balancer, and poolPrice() has been replaced by a Chainlink price feed. Therefore the entire Reth.poolPrice() function has been removed, so this issue is moot.

Mitigation error: No sanity check on Chainlink response

There are no sanity checks on the Chainlink price feed return data, especially that it is not stale. Here is an overview on this matter. See the error report on this titled "[H-02, H-05, H-06, H-08] mitigation error: No sanity check on Chainlink price feed".

c4-judge commented 1 year ago

Picodes marked the issue as satisfactory