search

code-423n4 / 2024-04-revert-mitigation-findings

1 stars 1 forks source link

ADD-01 MitigationConfirmed #70

Open c4-bot-8 opened 2 months ago

c4-bot-8 commented 2 months ago

Lines of code

Vulnerability details

C4 issue

ADD-01: Improper return of chainlinkReferencePriceX96 in V3Oracle._getReferenceTokenPriceX96()

Comments

V3Vault._getReferenceTokenPriceX96() returns chainlinkReferencePriceX96 if the token and reference token are the same. Since chainlinkReferencePriceX96 is not set, this will return 0. This can result in unnecessary re-calculations when calculating the oracle price.

Mitigation

PR #13

When the reference token is the same as the token, V3Vault._getReferenceTokenPriceX96() will now return cachedChainlinkReferencePriceX96, which is the existing cached reference price.

Conclusion

LGTM

c4-judge commented 2 months ago

jhsagd76 marked the issue as satisfactory