For exponential pricing that utilizes the scaling factor, the above line is completely incorrect, since it will multiply before removing the base WAD from the expression.
Example:
Assume a scaling factor of 2. A time 0 our price should be the initial price however this isn't the case:
expWad(0) = 1e18
priceChange = 2 * 1e18 - 1e18 = 1e18
This lead to the price being wildly under the price that it should be selling the asset at a large loss.
Impact
Math error will cause assets to be sold a very low prices causing loss to the set token
0x52
high
BoundedStepwiseExponentialPriceAdapter#getPrice uses incorrect order of operation when calculating priceChange
Summary
BoundedStepwiseExponentialPriceAdapter#getPrice incorrectly applies the scaling factor leading to wildly incorrect pricing when scalingFactor is used.
Vulnerability Detail
BoundedStepwiseExponentialPriceAdapter.sol#L73
For exponential pricing that utilizes the scaling factor, the above line is completely incorrect, since it will multiply before removing the base WAD from the expression.
Example:
Assume a scaling factor of 2. A time 0 our price should be the initial price however this isn't the case:
expWad(0) = 1e18
priceChange = 2 * 1e18 - 1e18 = 1e18
This lead to the price being wildly under the price that it should be selling the asset at a large loss.
Impact
Math error will cause assets to be sold a very low prices causing loss to the set token
Code Snippet
BoundedStepwiseExponentialPriceAdapter.sol#L28-L88
Tool used
Manual Review
Recommendation
Fix the order of operation:
Duplicate of #39