Open code423n4 opened 1 year ago
The mitigation deletes the original code (uint192 low, uint192 high) = rsrAsset.price();. And now it uses lot price as the rsr trade low price for rebalance:
(uint192 low, uint192 high) = rsrAsset.price();
(uint192 lotLow, uint192 lotHigh) = rsrAsset.lotPrice(); // {UoA/RSR} if ( lotHigh > 0 && TradeLib.isEnoughToSell(rsrAsset, rsrAvailable, lotLow, ctx.minTradeVolume) ) { trade.sell = rsrAsset; trade.sellAmount = rsrAvailable; trade.prices.sellLow = lotLow; trade.prices.sellHigh = lotHigh; }
0xean marked the issue as satisfactory
Lines of code
Vulnerability details
Comments
The mitigation deletes the original code
(uint192 low, uint192 high) = rsrAsset.price();
. And now it uses lot price as the rsr trade low price for rebalance: