search

code-423n4 / 2024-03-saltyio-mitigation-findings

0 stars 0 forks source link

H-03 MitigationConfirmed #43

Open c4-bot-1 opened 4 months ago

c4-bot-1 commented 4 months ago

Lines of code

Vulnerability details

Lines of code

Vulnerability details

C4 Issue

https://github.com/code-423n4/2024-01-salty-findings/issues/609

Comments

Initially, Salty set prices via the aggregation of prices from three different sources: CoreSaltyFeed, Chainlink, and Uniswaps TWAP. The issue highlighted how a user was able to movethe price in their favour. this was possible because of the following:

  1. the user can manipulate the price of the CoreSaltyFeed because it is based off salty pool reserves.
  2. the price aggregator logic was setup in a way that allowed the average price it calculated to deviate from the actual price.
  3. the attacker can use this manipulated price to liquidate other users and earn rewards because liquidation derived prices via the manipulated price aggregator.

Mitigation

https://github.com/othernet-global/salty-io/commit/8e3231d3f444e9851881d642d6dd03021fade5ed

The mitigation for this issue revolved around the deprecation of number of key components including:

  1. The overcollateralized USDS stablecoin framework was completely deprecated, which also meant borrowing of USDS no longer exists, ergo liquidations are no longer possible.
  2. The price aggregator itself was deprecated because its main purpose was to provide pricing for the collateral and liquidity framework which itself has been deprecated.

Conclusion

LGTM

c4-judge commented 4 months ago

Picodes marked the issue as satisfactory