Incorrect address of BTC/USD price feed in StableOracleWBTC.sol

Summary

In the StableOracleWBTC.sol, incorrect address of price feed is used although in the comments it's written correctly.

Vulnerability Detail

In the constructor of the mentioned contract, BTC/USD price feed is initialized with the following address: 0x5f4eC3Df9cbd43714FE2740f5E3616155c5b8419. But this address is for ETH/USD price feed. The correct one is 0xf4030086522a5beea4988f8ca5b36dbc97bee88c

Impact

High-risk vulnerability. The protocol will get the wrong prices for BTC/USD (for ETH/USD instead) and this will cause the issues in all of the functions where this price feed will be requested.

Code Snippet

https://github.com/sherlock-audit/2023-05-USSD/blob/main/ussd-contracts/contracts/oracles/StableOracleWBTC.sol#L17

Tool used

Manual Review

Recommendation

Change the address to 0xf4030086522a5beea4988f8ca5b36dbc97bee88c

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

054.md

054.md

Incorrect address of BTC/USD price feed in StableOracleWBTC.sol

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

Files

054.md

Latest commit

History

054.md

File metadata and controls

Incorrect address of BTC/USD price feed in StableOracleWBTC.sol

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation