c4-judge
commented
1 year ago 0xean marked the issue as satisfactory
Open code423n4 opened 1 year ago
c4-judge
commented
1 year ago 0xean marked the issue as satisfactory
Lines of code
Vulnerability details
Issue was that when oracle timeouts the protocol might use 0 as the minimum price for selling RSR. Protocol switched to using
lotPrice()which will decay over time, which better suits the situation (the more time passes the less we can be confident the price remained the same, and therefore it's justified to sell for zero after a week).