code-423n4 / 2024-04-revert-mitigation-findings


M-25 MitigationConfirmed #33

Open c4-bot-8 opened 5 months ago

c4-bot-8 commented 5 months ago

Lines of code

Vulnerability details

C4 issue

M-25: Asymmetric calculation of price difference

Comment

The original code contains an asymmetric calculation of price difference:

function _requireMaxDifference(uint256 priceX96, uint256 verifyPriceX96, uint256 maxDifferenceX10000)
    internal
    pure
{
    uint256 differenceX10000 = priceX96 > verifyPriceX96
        ? (priceX96 - verifyPriceX96) * 10000 / priceX96
        : (verifyPriceX96 - priceX96) * 10000 / verifyPriceX96;
    // if too big difference - revert
    if (differenceX10000 >= maxDifferenceX10000) {
        revert PriceDifferenceExceeded();
    }
}

The denominator is different for the 2 cases, one is priceX96 and one is verifyPriceX96, causing asymmetry in the price difference calculation.

Mitigation

PR #5: The mitigation fixes the asymmetric calculation by consistently using verifyPriceX96 as the denominator for both cases:

uint256 differenceX10000 =
    priceX96 >= verifyPriceX96 ? (priceX96 - verifyPriceX96) * 10000 : (verifyPriceX96 - priceX96) * 10000;

// if invalid price or too big difference - revert
if (
    (verifyPriceX96 == 0 || differenceX10000 / verifyPriceX96 > maxDifferenceX10000)
        && maxDifferenceX10000 < type(uint16).max
) {
    revert PriceDifferenceExceeded();
}

The mitigation solved the original issue.

Conclusion

LGTM
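
Added example, not part of the comment above or of the Revert code base: a Python model of the two quoted checks that measures the accepted price band around verifyPriceX96 for each. The function names and the sample threshold of 2000 (20%) are assumptions, and uint256 overflow is not modelled.

```python
# Model of the two Solidity checks quoted above (added example).
# Solidity uint256 division truncates; Python // does the same for non-negative ints.
Q96 = 2**96
UINT16_MAX = 2**16 - 1  # type(uint16).max


def original_exceeds(price, verify, max_diff):
    """Pre-mitigation check: the denominator is whichever price is larger."""
    if price > verify:
        diff = (price - verify) * 10000 // price
    else:
        # price == verify == 0 raises here, like Solidity's division-by-zero panic
        diff = (verify - price) * 10000 // verify
    return diff >= max_diff


def mitigated_exceeds(price, verify, max_diff):
    """Post-mitigation check: the denominator is always verify."""
    diff = abs(price - verify) * 10000
    # `or` short-circuits like Solidity's ||, so verify == 0 never divides
    return (verify == 0 or diff // verify > max_diff) and max_diff < UINT16_MAX


def accepted_band(exceeds, max_diff, verify_units=10_000):
    """Lowest and highest accepted offset from verify.

    With verify_units = 10_000 each unit is one basis point of verify,
    so the result reads directly as (min_bps, max_bps).
    """
    verify = verify_units * Q96
    ok = [k - verify_units
          for k in range(1, 2 * verify_units)
          if not exceeds(k * Q96, verify, max_diff)]
    return min(ok), max(ok)


if __name__ == "__main__":
    # Assumed sample threshold: 2000 = 20%
    print("original :", accepted_band(original_exceeds, 2000))
    print("mitigated:", accepted_band(mitigated_exceeds, 2000))
    # verify == 0 is rejected, unless the threshold is the uint16 max sentinel
    print("zero verify:", mitigated_exceeds(Q96, 0, 2000))
    print("sentinel   :", mitigated_exceeds(Q96, 0, UINT16_MAX))
```

Under the original check, a 20% threshold admits prices up to 24.99% above verifyPriceX96 but only 19.99% below it; the mitigated check admits 20% on both sides.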

c4-judge commented 5 months ago

jhsagd76 marked the issue as satisfactory

c4-judge commented 5 months ago

jhsagd76 marked the issue as confirmed for report