search

sherlock-audit / 2023-05-USSD-judging

9 stars 7 forks source link

0xpinky - Do not allow rebalance when getOwnValuation returns zero price value #963

Closed sherlock-admin closed 1 year ago

sherlock-admin commented 1 year ago

0xpinky

medium

Do not allow rebalance when getOwnValuation returns zero price value

Summary

Contract allows for rebalancing even if the getOwnValuation returns zero value.

Vulnerability Detail

Rebalancing happens based on the price returned from getOwnValuation

null() override public {
  uint256 ownval = getOwnValuation();
  (uint256 USSDamount, uint256 DAIamount) = getSupplyProportion();
  if (ownval < 1e6 - threshold) {

https://github.com/sherlock-audit/2023-05-USSD/blob/main/ussd-contracts/contracts/USSDRebalancer.sol#L92-L107

When we look at the getSupplyProportion function, it does the right shifting operation.

 function getOwnValuation() public view returns (uint256 price) {
  (uint160 sqrtPriceX96,,,,,,) =  uniPool.slot0();
  if(uniPool.token0() == USSD) {
    price = uint(sqrtPriceX96)*(uint(sqrtPriceX96))/(1e6) >> (96 * 2);
  } else {
    price = uint(sqrtPriceX96)*(uint(sqrtPriceX96))*(1e18 /* 1e12 + 1e6 decimal representation */) >> (96 * 2);
    // flip the fraction
    price = (1e24 / price) / 1e12;
  }

we have tried with upto 5 unit of values in Remix, but we still end with price of zero.

Impact

Contract unnecessarily rebalance even if the price is not valid

Code Snippet

https://github.com/sherlock-audit/2023-05-USSD/blob/main/ussd-contracts/contracts/USSDRebalancer.sol#L71-L79

https://github.com/sherlock-audit/2023-05-USSD/blob/main/ussd-contracts/contracts/USSDRebalancer.sol#L92-L106

Tool used

Manual Review

Recommendation

Check the price returned from getOwnValuation is greater than zero . After this, allow for rebalancing.

Duplicate of #222