Skip to content

Latest commit

 

History

History
34 lines (24 loc) · 1.16 KB

046.md

File metadata and controls

34 lines (24 loc) · 1.16 KB

blockdev

high

StableCoinDAI.ethOracle incorrectly set to zero address

Summary

To determine DAI's price in USD, StableOracleDAI.getPriceUSD() is called. It then makes a call to ethOracle but it is set to zero because of which the call reverts.

Vulnerability Detail

The call to ethAddress:

uint256 wethPriceUSD = ethOracle.getPriceUSD();

Set to zero here:

ethOracle = IStableOracle(0x0000000000000000000000000000000000000000); // TODO: WETH oracle price

Impact

High. Minting and rebalancing will revert.

Code Snippet

ethOracle = IStableOracle(0x0000000000000000000000000000000000000000); // TODO: WETH oracle price

Tool used

Manual Review

Recommendation

Set ethOracle to the correct value.