in getOwnValution we dont use a twap variable but instead use a not protected manipulates price
Summary
In getOwnValution we don't use a twap variable but instead use a not protected token amounts calculation an attacker can change the pool with flash loan causing different prices in the rebalance function
It's not the actual price of the pool it's only the vulnerable price so we will be doing rebalancing for no reason if the attacker has a flash loan and secky the prices too low for USSD they can profit and the other way around is to and get dai at a lower price.
Vulnerability Detail
EX:
Alice manipulates the pool by making USSD very cheap and getting then making it expensive and then Alice will sell the tokens for a profit.
Impact
Profit for the attacker, protocol can loss collateral because attacker can control when and how the protocol rebalances.
simon135
high
in
getOwnValutionwe dont use a twap variable but instead use a not protected manipulates priceSummary
In
getOwnValutionwe don't use a twap variable but instead use a not protected token amounts calculation an attacker can change the pool with flash loan causing different prices in the rebalance function It's not the actual price of the pool it's only the vulnerable price so we will be doing rebalancing for no reason if the attacker has a flash loan and secky the prices too low for USSD they can profit and the other way around is to and get dai at a lower price.Vulnerability Detail
EX: Alice manipulates the pool by making USSD very cheap and getting then making it expensive and then Alice will sell the tokens for a profit.
Impact
Profit for the attacker, protocol can loss collateral because attacker can control when and how the protocol rebalances.
Code Snippet
Tool used
Manual Review
Recommendation
Use Twap price instead
Duplicate of #451