Closed howlbot-integration[bot] closed 5 months ago
https://github.com/code-423n4/2024-05-munchables/blob/main/src/managers/LockManager.sol#L142-L174
Token prices will not be updated correctly.
You should use an Oracle like Chainlink(https://docs.chain.link/data-feeds/using-data-feeds) to get the price of the tokens.
Oracle
Lines of code
https://github.com/code-423n4/2024-05-munchables/blob/main/src/managers/LockManager.sol#L142-L174
Vulnerability details
Impact
Token prices will not be updated correctly.
Proof of Concept
https://github.com/code-423n4/2024-05-munchables/blob/main/src/managers/LockManager.sol#L142-L174
Recommended Mitigation Steps
You should use an Oracle like Chainlink(https://docs.chain.link/data-feeds/using-data-feeds) to get the price of the tokens.
Assessed type
Oracle