Closed sherlock-admin closed 6 months ago
sherlock-admin2
commented
6 months ago 1 comment(s) were left on this issue during the judging contest.
auditsea commented:
The issue describes about DOSing setPool function by manipulating the Curve pool, but it's assumed that the Curve pool deployment, LP deposit, and setPool will be handled in one tx using multicall structure
sherlock-admin2
commented
6 months ago 1 comment(s) were left on this issue during the judging contest.
auditsea commented:
The issue describes about DOSing setPool function by manipulating the Curve pool, but it's assumed that the Curve pool deployment, LP deposit, and setPool will be handled in one tx using multicall structure
bareli
medium
Assumption of Equal Reserves
Summary
Assumption of Equal Reserves: The setPool function requires that the reserves for both tokens in the pool are equal. This is a strong assumption and may not always hold true, especially in volatile markets.
Vulnerability Detail
Impact
This is a strong assumption and may not always hold true, especially in volatile markets.
Code Snippet
https://github.com/sherlock-audit/2023-12-ubiquity/blob/main/ubiquity-dollar/packages/contracts/src/dollar/libraries/LibTWAPOracle.sol#L51
Tool used
Manual Review
Recommendation
Duplicate of #14