In the original implementation, a malicious user can inflate the LP token price of the collateral pool to borrow a higher amount of USDS than the real value of their liquidity position,resulting in bad debt for the protocol.
Mitigation
commit 8e3231d
The mitigation removed the whole stablecoin framework: /stablecoin, /price_feed, WBTC/WETH collateral, PriceAggregator, price feeds and USDS.
The original issue was resolved since the flaw function and affected modules had been entirely removed.
Lines of code
Vulnerability details
Comments
In the original implementation, a malicious user can inflate the LP token price of the collateral pool to borrow a higher amount of USDS than the real value of their liquidity position,resulting in bad debt for the protocol.
Mitigation
commit 8e3231d The mitigation removed the whole stablecoin framework: /stablecoin, /price_feed, WBTC/WETH collateral, PriceAggregator, price feeds and USDS. The original issue was resolved since the flaw function and affected modules had been entirely removed.
Conclusion
Confirmed