hash - 1:1 price is assumed b/w stETH and WETH #269

sherlock-admin3 · 2024-06-27T15:37:15Z

hash

Medium

1:1 price is assumed b/w stETH and WETH

Summary

1:1 price is assumed b/w stETH and WETH

Vulnerability Detail

The oracle used for WETH is the constantPriceOracle which returns 1e18 as the price. For vault with wstETH and WETH as underlying tokens and WETH as the base asset, the price used for wstETH is the wstETH to stETH exchange ratio

link

    function getAnswer() public view returns (int256) {
        return int256(IWSteth(wsteth).getStETHByWstETH(10 ** decimals));
    }


    function latestRoundData()
        public
        view
        override
        returns (uint80, int256, uint256, uint256, uint80)
    {
        return (0, getAnswer(), block.timestamp, block.timestamp, 0);
    }

This assumes a 1:1 price relation for weth and steth which need not be true as steth can deviate from the weth price. Hence the valuation of the assets will be incorrect allowing user's to possibly gain from the price difference

For eg: if deposit ratio is [100,0:wstETH,weth], withdraw ratio is [0,100:wstETH,weth] and the price of steth drops, user can gain by depositng wstETH and withdrawing weth

Impact

Incorrect valuation of assets which will be used during deposits and withdrawals to determine the assets to be given out

Code Snippet

Tool used

Manual Review

Recommendation

Use eth/steth oracle instead of assuming 1:1 price relation

Duplicate of #266

sherlock-admin4 changed the title ~~Expert Glossy Bull - stEth deposits will result in a revert~~ 1:1 price is assumed b/w stETH and WETH Jun 28, 2024

sherlock-admin3 added the Sponsor Disputed The sponsor disputed this issue's validity label Jun 30, 2024

github-actions bot changed the title ~~1:1 price is assumed b/w stETH and WETH~~ Curved Powder Rooster - 1:1 price is assumed b/w stETH and WETH Jul 6, 2024

github-actions bot closed this as completed Jul 6, 2024

github-actions bot added the Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label label Jul 6, 2024

sherlock-admin3 changed the title ~~Curved Powder Rooster - 1:1 price is assumed b/w stETH and WETH~~ hash - 1:1 price is assumed b/w stETH and WETH Jul 15, 2024

sherlock-admin3 added Non-Reward This issue will not receive a payout and removed Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label labels Jul 15, 2024

WangSecurity added Medium A valid Medium severity issue Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label labels Jul 30, 2024

Evert0x added Medium A valid Medium severity issue and removed Medium A valid Medium severity issue labels Jul 30, 2024

sherlock-admin4 added Reward A payout will be made for this issue and removed Non-Reward This issue will not receive a payout labels Jul 31, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

hash - 1:1 price is assumed b/w stETH and WETH #269

hash - 1:1 price is assumed b/w stETH and WETH #269

sherlock-admin3 commented Jun 27, 2024 •

edited by WangSecurity

Loading

hash - 1:1 price is assumed b/w stETH and WETH #269

hash - 1:1 price is assumed b/w stETH and WETH #269

Comments

sherlock-admin3 commented Jun 27, 2024 • edited by WangSecurity Loading

1:1 price is assumed b/w stETH and WETH

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

sherlock-admin3 commented Jun 27, 2024 •

edited by WangSecurity

Loading