sherlock-audit / 2023-05-USSD-judging


simon135 - Attackers can control how rebalance happens by changing balances #950

Closed sherlock-admin closed 1 year ago

sherlock-admin commented 1 year ago

simon135

high

Attackers can control how rebalance happens by changing balances

Summary

The attacker/LP can cause problems by flipping the pool a lot, causing rebalance to be called and getting more fees, and they are making a profit by calling the function.

Vulnerability Detail

Because getSupplyProportion can be manipulated and cause problems, since it relies on contract balances, which can be manipulated.

Impact

Causing weird rebalances and its control on rebalances, and minting more tokens than it should have.

Code Snippet

Tool used

Manual Review

Recommendation

Duplicate of #808

snn20 commented 1 year ago

Escalate for 10 USDC

The root cause of pool balances being manipulated. This is a duplicate of https://github.com/sherlock-audit/2023-05-USSD-judging/issues/808

sherlock-admin commented 1 year ago

Escalate for 10 USDC

The root cause of pool balances being manipulated. This is a duplicate of https://github.com/sherlock-audit/2023-05-USSD-judging/issues/808

You've created a valid escalation for 10 USDC!

To remove the escalation from consideration: Delete your comment.

You may delete or edit your escalation comment anytime before the 48-hour escalation window closes. After that, the escalation becomes final.

ctf-sec commented 1 year ago

Emm, the report lacks detail to be considered as either a duplicate of #808 or #451

ctf-sec commented 1 year ago

The report mentions getSupplyProportion, duplicate of #808

hrishibhat commented 1 year ago

Result:

High

Duplicate of #808

Although the issue can be described better, considering this a duplicate of #808

sherlock-admin commented 1 year ago

Escalations have been resolved successfully!

Escalation status: