Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/f751d7594051c0766c7ecd1e68daeb0661e43ee3/src/LRTOracle.sol#L78
Vulnerability details
Impact
Bots have already reported the division issue. However, if a check for a minimum result value (or a minimum divisor) were added here, it would stop minting at a rounded-down (zero) rate, but it would also DoS the deposit logic for every asset that is worth less than the corresponding amount of ETH, until that asset becomes more expensive than ETH.
Proof of Concept
https://github.com/code-423n4/2023-11-kelp/blob/f751d7594051c0766c7ecd1e68daeb0661e43ee3/src/LRTOracle.sol#L70C52-L70C52
https://github.com/code-423n4/2023-11-kelp/blob/f751d7594051c0766c7ecd1e68daeb0661e43ee3/src/LRTOracle.sol#L78
If the deposited asset is, for example, rETH and the rETH/ETH ratio is 0.95, the integer division rounds the ratio down to zero; with such a check in place, every deposit of that asset reverts.
Tools Used
Manual Review
Recommended Mitigation Steps
Introduce a precision (scaling) constant, for example multiplying by 1e18 before dividing, so that ratios where the deposited asset is worth less than ETH remain representable instead of rounding down to zero. Any minimum-result check should then be applied to the scaled value, so it only rejects dust deposits rather than every sub-1-ETH asset.
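The following contract is an added example written for this report; it is not Kelp's code and does not reproduce LRTOracle.sol. It models the ratio as a plain integer quotient, as described in the Proof of Concept above, and shows three variants side by side: the unscaled division that rounds 0.95 to zero, the same division behind a naive minimum-result check (which reverts instead, i.e. the DoS), and the scaled version recommended above. The contract and function names, the PRECISION constant, and the 0.95e18 / 1e18 price values are all constructed for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity 0.8.21;

/// Added example, not the project's code. Prices are expressed in wei per whole
/// token (assumption for this illustration): ETH is 1e18, rETH at 0.95 is 0.95e18.
contract RatioRoundingExample {
    /// Scaling factor that keeps fractional ratios representable (assumed name).
    uint256 public constant PRECISION = 1e18;

    /// Unscaled integer division: any asset priced below 1 ETH yields 0,
    /// so a deposit priced through this ratio would mint zero shares.
    function ratioUnscaled(uint256 assetPriceWei, uint256 ethPriceWei)
        public pure returns (uint256)
    {
        return assetPriceWei / ethPriceWei; // 0.95e18 / 1e18 == 0
    }

    /// The "fix" the finding warns about: a minimum-result check on the
    /// unscaled quotient. It no longer mints zero, but it reverts for every
    /// asset worth less than 1 ETH, which is the DoS on the deposit path.
    function ratioUnscaledGuarded(uint256 assetPriceWei, uint256 ethPriceWei)
        public pure returns (uint256 r)
    {
        r = assetPriceWei / ethPriceWei;
        require(r > 0, "ratio rounds to zero"); // reverts for rETH at 0.95
    }

    /// Recommended shape: multiply by PRECISION before dividing, so 0.95
    /// survives as 0.95e18 instead of collapsing to 0.
    function ratioScaled(uint256 assetPriceWei, uint256 ethPriceWei)
        public pure returns (uint256)
    {
        return (assetPriceWei * PRECISION) / ethPriceWei; // == 0.95e18
    }

    /// Shares to mint for `depositAmount` of the asset, using the scaled ratio.
    /// The minimum check now only rejects dust deposits, not whole asset classes.
    function sharesToMint(uint256 depositAmount, uint256 assetPriceWei, uint256 ethPriceWei)
        public pure returns (uint256 shares)
    {
        shares = (depositAmount * ratioScaled(assetPriceWei, ethPriceWei)) / PRECISION;
        require(shares > 0, "deposit too small");
    }

    /// Worked numbers for the scenario in the report (constructed values):
    /// returns (0, 0.95e18, 9.5e18) for 10 rETH at a 0.95 ratio.
    function demo() external pure returns (uint256 unscaled, uint256 scaled, uint256 shares) {
        uint256 rethPriceWei = 0.95e18; // constructed: rETH/ETH == 0.95
        uint256 ethPriceWei = 1e18;
        unscaled = ratioUnscaled(rethPriceWei, ethPriceWei);            // 0
        scaled = ratioScaled(rethPriceWei, ethPriceWei);                // 950000000000000000
        shares = sharesToMint(10e18, rethPriceWei, ethPriceWei);        // 9500000000000000000
        // ratioUnscaledGuarded(rethPriceWei, ethPriceWei) would revert here.
    }
}
```

Calling `demo()` (e.g. from a Foundry or Hardhat test) returns the three values in the comments; calling `ratioUnscaledGuarded` with the same inputs reverts, which is the behaviour the finding describes for a minimum-value check applied to the unscaled quotient. The multiplication in `ratioScaled` cannot overflow for realistic prices (0.95e18 * 1e18 is far below 2^256), and Solidity 0.8 checked arithmetic would revert rather than wrap if it ever did.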
Assessed type
DoS