nevillehuang
commented
9 months ago Invalid, both SiloArbSupply.sol and SentimentArbSupply.sol inherits CustomSupply.sol, so the intended functionalities are present as seen here
Closed sherlock-admin2 closed 9 months ago
nevillehuang
commented
9 months ago Invalid, both SiloArbSupply.sol and SentimentArbSupply.sol inherits CustomSupply.sol, so the intended functionalities are present as seen here
tvdung94
medium
Supply arb-related submodules don't reflect the true state of reserve for their specific pools
Summary
Arb Supply submodules don't reflect the true state of reserve for their pools.
Vulnerability Detail
Since these submodules are just plain basic templates without any specific implementations/ methods to communicate with their specific pools, they are not able to reflect/ display the correct current amount of reserve in these pools, only giving constant answers instead.
Impact
As similar as oracle's stale price, constant results from these submodules do not give the accurate amount of reserve in pools, leading to incorrect accounting for any system component relied on supply module.
Code Snippet
https://github.com/sherlock-audit/2023-11-olympus/blob/main/bophades/src/modules/SPPLY/submodules/SiloArbSupply.sol#L1-L45 https://github.com/sherlock-audit/2023-11-olympus/blob/main/bophades/src/modules/SPPLY/submodules/SentimentArbSupply.sol#L1-L45
Tool used
Manual Review
Recommendation
Consider implement these submodules before deployment.