Open c4-bot-6 opened 6 months ago
Consider QA. Price is set by Ondo itself.
0xRobocop marked the issue as primary issue
0xRobocop marked the issue as insufficient quality report
0xRobocop marked the issue as sufficient quality report
cameronclifton (sponsor) disputed
See other response related to this issue.
The Oracle price is set by the team and does not follow normal market fluctuations - this significantly mitigates risk. However, the recommended mitigation of implementing a setter makes sense, so this group makes for a good QA finding.
3docSec changed the severity to QA (Quality Assurance)
3docSec marked the issue as grade-b
There would not be a situation in which we would want to allow instant mints or redemptions at a price lower than MINIMUM_OUSG_PRICE.
Lines of code
https://github.com/code-423n4/2024-03-ondo-finance/blob/main/contracts/ousg/ousgInstantManager.sol#L479-L485
Vulnerability details
Impact
The contract could become practically unusable, since the getOUSGPrice function is called by the _mint and _redeem functions, which are the main functions of the contract.

Proof of Concept
The vulnerability arises from the require check in the getOUSGPrice function, in a scenario where the price of the OUSG token falls below MINIMUM_OUSG_PRICE (105e18).
Tools Used
Manual Review
Recommended Mitigation Steps
Implement a setter for MINIMUM_OUSG_PRICE.

Assessed type

DoS
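The failure mode described in the finding and the suggested mitigation, side by side, as an added sketch that is not the Ondo code: a hard-coded floor makes every mint and redeem path revert once the oracle reports below it, while an admin-settable floor (with access control, a sanity bound and an event for monitoring) can be lowered without a redeploy. The IRWAOracle interface, the comparison operator, the admin role and the function bodies are assumptions for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Assumed oracle interface for the sketch; the real oracle is set by the team.
interface IRWAOracle {
    function getPrice() external view returns (uint256);
}

contract PriceFloorSketch {
    address public immutable admin;      // assumed: a single admin address
    IRWAOracle public immutable oracle;

    // Before: a hard-coded floor. If the oracle ever reports a price below it,
    // getOUSGPriceHardcoded() reverts, and so does every _mint/_redeem call
    // that depends on it. There is no way to recover without redeploying.
    uint256 public constant MINIMUM_OUSG_PRICE = 105e18;

    // After: a floor the admin can adjust. Emitting an event lets operators
    // alert on any change to this safety parameter.
    uint256 public minimumOusgPrice = 105e18;
    event MinimumOusgPriceSet(uint256 oldValue, uint256 newValue);

    constructor(IRWAOracle _oracle) {
        admin = msg.sender;
        oracle = _oracle;
    }

    // Vulnerable form: the constant cannot be changed once deployed.
    function getOUSGPriceHardcoded() public view returns (uint256 price) {
        price = oracle.getPrice();
        require(price >= MINIMUM_OUSG_PRICE, "OUSG price below floor"); // assumed check
    }

    // Mitigated form: same check against a settable floor.
    function getOUSGPrice() public view returns (uint256 price) {
        price = oracle.getPrice();
        require(price >= minimumOusgPrice, "OUSG price below floor");
    }

    // Setter restricted to the admin; a zero floor would disable the check,
    // so it is rejected as a sanity bound.
    function setMinimumOusgPrice(uint256 newMinimum) external {
        require(msg.sender == admin, "not admin");
        require(newMinimum > 0, "floor must be positive");
        emit MinimumOusgPriceSet(minimumOusgPrice, newMinimum);
        minimumOusgPrice = newMinimum;
    }

    // Illustrative caller: any entry point that prices OUSG inherits the revert.
    function _redeemAmountFor(uint256 ousgAmount) internal view returns (uint256) {
        return ousgAmount * getOUSGPrice() / 1e18;
    }
}
```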