Closed sherlock-admin closed 5 months ago
1 comment(s) were left on this issue during the judging contest.
takarez commented:
invalid
Invalid, seemingly duplicate of #90, but the configuration is correct. It is intended to use ETH price to convert to collateral of rETH price subsequently. The correct root cause should be the lack of rETH/USD on base chain
ubl4nk
high
getKeeperFee is calculating the keeper fee based on the ETH price not rETH
Summary
There mentioned in the README that the collateral will be rETH but getKeeperFee is actually calculating keeper-fee based on the ETH price not rETH.
Vulnerability Detail
Wee the function is calculating the fee based on the ETH price, but it actually should be the rETH:
Impact
Wrong collateralPrice will be calculated and wrong amount will be calculated for keeper-fee.
Code Snippet
https://github.com/sherlock-audit/2023-12-flatmoney/blob/bba4f077a64f43fbd565f8983388d0e985cb85db/flatcoin-v1/src/misc/KeeperFee.sol#L81-L93
Tool used
Manual Review
Recommendation
Consider using rETH price in calculations.