search

code-423n4 / 2024-03-saltyio-mitigation-findings

0 stars 0 forks source link

M-18 MitigationConfirmed #81

Open c4-bot-3 opened 7 months ago

c4-bot-3 commented 7 months ago

Lines of code

Vulnerability details

Comments

In the original implementation tick was not rounded to negative when tickCumulatives[1] is less than tickCumulatives[0]. The incorrect price calculation could result arbitrage opportunities.

Mitigation

commit 8e3231d The mitigation removed the whole stablecoin framework: /stablecoin, /price_feed, WBTC/WETH collateral, PriceAggregator, price feeds and USDS. The original issue was resolved since the flaw function and affected modules had been entirely removed.

Conclusion

Confirmed

c4-judge commented 6 months ago

Picodes marked the issue as satisfactory