Closed sherlock-admin2 closed 9 months ago
hash
high
totalValue of token is returned instead of BunniToken price
The getBunniTokenPrice function returns the totalValue of the Bunni token instead of the price
getBunniTokenPrice
function getBunniTokenPrice( address bunniToken_, uint8 outputDecimals_, bytes calldata params_ ) external view returns (uint256) { ...... // Fetch the reserves uint256 totalValue = _getTotalValue(token, lens, outputDecimals_); return totalValue; }
Hugely inflated price for BunniToken
https://github.com/sherlock-audit/2023-11-olympus/blob/9c8df76dc9820b4c6605d2e1e6d87dcfa9e50070/bophades/src/modules/PRICE/submodules/feeds/BunniPrice.sol#L110-L166
Manual Review
Divide by the totalSupply to obtain the price
Duplicate of #198
hash
high
BunniPrice returns totalValue instead of pool token price
Summary
totalValue of token is returned instead of BunniToken price
Vulnerability Detail
The
getBunniTokenPricefunction returns the totalValue of the Bunni token instead of the priceImpact
Hugely inflated price for BunniToken
Code Snippet
https://github.com/sherlock-audit/2023-11-olympus/blob/9c8df76dc9820b4c6605d2e1e6d87dcfa9e50070/bophades/src/modules/PRICE/submodules/feeds/BunniPrice.sol#L110-L166
Tool used
Manual Review
Recommendation
Divide by the totalSupply to obtain the price
Duplicate of #198