C4 issue
M-12: Incorrect exchange rate provided to Balancer pools
Link to issue
Comments
The xRenzoDeposit contract’s getRate function is used by Balancer pools on L2s to get the exchange rate between xezWETH and WETH tokens.
The problem is that the getRate function returns the lastPrice state variable, which lacks any staleness checks and may be outdated compared to the rate provided by getMintRate in the oracle contract, leading to the possibility of incorrect exchange rates and potential arbitrage opportunities.
Mitigation
PR: Pull Request 113
The fix modifies the getRate function to call the getMintRate function to fetch the current price, ensuring the exchange rate is accurate and up-to-date. It also adds a staleness check to ensure the oracle price is not past the expiration date (1 day).
Conclusion
By updating the getRate function to call getMintRate and adding a staleness check, the xRenzoDeposit contract now provides accurate and up-to-date exchange rates to Balancer pools.
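The pattern described under Mitigation, as an added sketch that is not the code from Pull Request 113 or from the xRenzoDeposit contract: the cached-value getter next to a getter that reads the oracle and enforces the 1 day expiry. The contract name, the IRateOracle interface, the (price, timestamp) return shape of getMintRate, the error name and getRateUnchecked are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Hypothetical oracle interface: assumed to return the rate together with
// the time at which that rate was last set.
interface IRateOracle {
    function getMintRate() external view returns (uint256 price, uint256 timestamp);
}

// Constructed illustration of the before/after behaviour.
contract RateProviderSketch {
    // Hypothetical error carrying the data a monitor needs to see why the read failed.
    error OraclePriceExpired(uint256 updatedAt, uint256 currentTime);

    // Expiration window stated in the write-up.
    uint256 public constant MAX_AGE = 1 days;

    IRateOracle public immutable oracle;

    // Cached rate: it only changes when an update is pushed to this contract,
    // so on its own it says nothing about how old the value is.
    uint256 public lastPrice;

    constructor(IRateOracle _oracle, uint256 _initialPrice) {
        oracle = _oracle;
        lastPrice = _initialPrice;
    }

    // Before: the rate handed to the pool is whatever was cached, however old.
    function getRateUnchecked() external view returns (uint256) {
        return lastPrice;
    }

    // After: read the current rate from the oracle and refuse to serve it
    // once it is older than MAX_AGE, so the caller gets a revert instead of
    // a stale rate.
    function getRate() external view returns (uint256) {
        (uint256 price, uint256 updatedAt) = oracle.getMintRate();
        if (block.timestamp > updatedAt + MAX_AGE) {
            revert OraclePriceExpired(updatedAt, block.timestamp);
        }
        return price;
    }
}
```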