c4-judge
commented
7 months ago Picodes marked the issue as duplicate of #60
Closed c4-judge closed 7 months ago
c4-judge
commented
7 months ago Picodes marked the issue as duplicate of #60
c4-judge
commented
7 months ago Picodes marked the issue as satisfactory
Judge has assessed an item in Issue #907 as 2 risk. The relevant finding follows:
[L-08] CoreChainlinkFeed uses the BTC_USD address when it should be using the WBTC-BTC one as well CoreChainlinkFeed assumes that the price of BTC is equal to the price of WBTC.
This is the BTC/USD feed:
https://data.chain.link/feeds/ethereum/mainnet/btc-usd
This is the WBTC/BTC feed:
https://data.chain.link/feeds/ethereum/mainnet/wbtc-btc
Note that the WBTC/BTC is not 1:1. Users may not get the actual WBTC price (since protocol is using WBTC instead of BTC) which will affect collaterization ratio and future liquidations.
https://github.com/code-423n4/2024-01-salty/blob/main/src/price_feed/CoreChainlinkFeed.sol#L32-L39