search

sherlock-audit / 2024-05-beefy-cowcentrated-liquidity-manager-judging

5 stars 5 forks source link

blackhole - The incorrect lpToken price calculation can lead to potential issues in future integrations #22

Closed sherlock-admin4 closed 5 months ago

sherlock-admin4 commented 5 months ago

blackhole

medium

The incorrect lpToken price calculation can lead to potential issues in future integrations

Summary

The lpToken1ToNativePrice function is designed to fetch the price of lpToken in terms of the native token. However, the calculation uses an incorrect amount for lpToken.

Vulnerability Detail

The amount variable does not represent 1 lpToken but rather 0.1 lpToken.

File: contracts/strategies/velodrome/StrategyPassiveManagerVelodrome.sol#L725
    function lpToken0ToNativePrice() public returns (uint256) {
        uint amount = 10**IERC20Metadata(lpToken0).decimals() / 10; // @audit why / 10?
        if (lpToken0 == native) return amount;
        return IQuoter(quoter).quoteExactInput(lpToken0ToNativePath, amount);
    }
File: contracts/strategies/velodrome/StrategyPassiveManagerVelodrome.sol#L732
    function lpToken1ToNativePrice() public returns (uint256) {
        uint amount = 10**IERC20Metadata(lpToken1).decimals() / 10; // @audit
        if (lpToken1 == native) return amount;
        return IQuoter(quoter).quoteExactInput(lpToken1ToNativePath, amount);
    }

Impact

An incorrect price can cause potential issues in future integrations.

Code Snippet

https://github.com/sherlock-audit/2024-05-beefy-cowcentrated-liquidity-manager/blob/main/cowcentrated-contracts/contracts/strategies/velodrome/StrategyPassiveManagerVelodrome.sol#L725

Tool used

Manual Review

Recommendation

Use the correct amount of lpToken instead of dividing by 10.

Duplicate of #120

sherlock-admin4 commented 5 months ago

1 comment(s) were left on this issue during the judging contest.

DHTNS commented:

Medium -> since the protocol requested future integration issues to be reported as per readme