`BalancePairOracal.sol#computeFairReserves` function does not consider the decimals

Summary

BalancePairOracal.sol#computeFairReserves function does not consider the decimals.

Vulnerability Detail

File: oracle/BalancerPairOracle.sol
 53         uint256 r0 = resA / resB;
 54         uint256 r1 = (wA * pxB) / (wB * pxA);

resA: the balances of token A
resB: the balances of token B
pxA: the price of token A
pxB: the price of token B
wA: the weight of token A
wB: the weight of token B

Lines 53 and 54 do not consider decimals, this can lead to very large calculation errors. For example, the decimals of token A is 8 and the decimals of token B is 18, then r0 is almost always 0.

Impact

The computeFairReserves function is used to calculate prices, which can lead to very large price errors.

Code Snippet

https://github.com/sherlock-audit/2023-04-blueberry/blob/main/blueberry-core/contracts/oracle/BalancerPairOracle.sol#L53-L54

Tool used

Manual Review

Recommendation

It is recommended to consider the decimal places of token and price.

sherlock-audit / 2023-04-blueberry-judging

J4de - `BalancePairOracal.sol#computeFairReserves` function does not consider the decimals #68

`BalancePairOracal.sol#computeFairReserves` function does not consider the decimals

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

sherlock-audit / 2023-04-blueberry-judging

J4de - `BalancePairOracal.sol#computeFairReserves` function does not consider the decimals #68

BalancePairOracal.sol#computeFairReserves function does not consider the decimals

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

`BalancePairOracal.sol#computeFairReserves` function does not consider the decimals