Closed sherlock-admin closed 1 year ago
SensoYard
high
The DAIEthOracle is, in fact the Uniswap V3: WBGL pool. It's interface is not compatible with IStaticOracle https://github.com/sherlock-audit/2023-05-USSD/blob/main/ussd-contracts/contracts/oracles/StableOracleDAI.sol#LL27C1-L29C11
Uniswap V3: WBGL
IStaticOracle
The ethOracle is 0x000. The price reported by the oracle will be wrong (probably an oversight)
https://github.com/sherlock-audit/2023-05-USSD/blob/main/ussd-contracts/contracts/oracles/StableOracleDAI.sol#L30
uint256 wethPriceUSD = ethOracle.getPriceUSD();
This line will report a wrong price because of the 0x000.. address
address[] memory pools = new address[](1); pools[0] = 0x60594a405d53811d3BC4766596EFD80fd545A270; uint256 DAIWethPrice = DAIEthOracle.quoteSpecificPoolsWithTimePeriod( 1000000000000000000, // 1 Eth 0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2, // WETH (base token) 0x6B175474E89094C44Da98b954EedeAC495271d0F, // DAI (quote token) pools, // DAI/WETH pool uni v3 600 // period );
The call won't work
The whole protocol relies on it's DAI orac
Manual Review
Update the addresses!
Duplicate of #817
SensoYard
high
Wrong addresses in the StableOracleDAI contract
Summary
The DAIEthOracle is, in fact the
Uniswap V3: WBGLpool. It's interface is not compatible withIStaticOraclehttps://github.com/sherlock-audit/2023-05-USSD/blob/main/ussd-contracts/contracts/oracles/StableOracleDAI.sol#LL27C1-L29C11The ethOracle is 0x000. The price reported by the oracle will be wrong (probably an oversight)
https://github.com/sherlock-audit/2023-05-USSD/blob/main/ussd-contracts/contracts/oracles/StableOracleDAI.sol#L30
Vulnerability Detail
This line will report a wrong price because of the 0x000.. address
The call won't work
Impact
The whole protocol relies on it's DAI orac
Code Snippet
Tool used
Manual Review
Recommendation
Update the addresses!
Duplicate of #817