c4-judge
commented
6 months ago jhsagd76 marked the issue as satisfactory
Open c4-bot-6 opened 7 months ago
c4-judge
commented
6 months ago jhsagd76 marked the issue as satisfactory
Lines of code
Vulnerability details
C4 Issue
M-19: https://github.com/code-423n4/2024-03-revert-lend-findings/issues/175
Issue Details
V3Oracle.solcontract is used by Revert Lend protocol to fetch all prices. For maximum safety and manipulation resistance it uses two oracles (Uniswap TWAP & Chainlink).Calculating the collateral value of a position was conducted inside
V3Oracle.getValue()as product of two parameters:price0X96/price1X96- those are the prices derived from the oracles - they are validated and cannot be manipulatedamount0/amount1- those are calculated based on the spot price and are prone to some manipulationThe vulnerability lied in the second parameter that was using spot data from the pool, which could influence the calculated position value.
Mitigation
PR-26 successfully mitigates the original issue by modifying the calculations for
amount0/amount1to be based on the derived oracle price instead on the spot data.Additional code refactoring has been made so that the code is leaner and more organized
Conclusion
Mitigation Confirmed