This repository has been archived by the owner on Jul 14, 2024. It is now read-only.

ge6a - The 'Dollar price too low' check may be insufficient under certain circumstances #229

Closed
sherlock-admin opened this issue Jan 10, 2024 · 2 comments
Labels
Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Medium A valid Medium severity issue Reward A payout will be made for this issue

Comments

@sherlock-admin

sherlock-admin commented Jan 10, 2024

ge6a

medium

The 'Dollar price too low' check may be insufficient under certain circumstances

Summary

In the event of a depeg of DAI and a suitable distribution of collateral tokens in the protocol, the check for the minimum price of the Ubiquity Dollar token may not be triggered, leading to potential harm to users during minting.

Vulnerability Detail

The function getTwapPrice() returns the price of 1 Ubiquity Dollar token measured in 3pool tokens. In the mintDollar function, there is a check whether this price is >= the pre-defined mintPriceThreshold. The goal is to prevent minting in this case because subsequent calculations assume that the price of the Ubiquity Dollar token is 1 USD. The issue with this workflow is that both the Ubiquity Dollar token and the 3pool token are dependent on the price of DAI. DAI constitutes over 50% of the 3pool pool in Curve. Additionally, DAI can be used as collateral for the Ubiquity Dollar token, thus influencing its price. In the event of a depeg of DAI and a suitable distribution of collateral tokens for the Ubiquity Dollar token, market prices for both the Ubiquity Dollar token and the 3pool token could fall below 1.

In this case, the expected behavior is for the check for the minimum acceptable price of the Ubiquity Dollar token to be triggered during minting, leading to the suspension of minting. However, due to the correlation between the two tokens from the Curve pool used to determine the price (Ubiquity Dollar token and 3pool token), this may not occur. As a result, users could be adversely affected by receiving Ubiquity Dollar tokens of lower value than the collateral they deposited.

Impact

Bypassing a crucial check during minting could result in financial losses for the user.

Code Snippet

https://github.com/sherlock-audit/2023-12-ubiquity/blob/d9c39e8dfd5601e7e8db2e4b3390e7d8dff42a8e/ubiquity-dollar/packages/contracts/src/dollar/libraries/LibUbiquityPool.sol#L326-L386

Tool used

Manual Review

Recommendation

An idea for a solution is to add an additional check to verify whether the price of the 3pool token is >= 1, possibly using an oracle.

Duplicate of #17
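A numeric model of the scenario the report describes, added here as an illustration; it is not part of the original issue or of the Ubiquity code base. The threshold value, the basket weights, the `premium` parameter and the assumption that each token's market price tracks its DAI-weighted backing are all constructed for the example.

```python
from fractions import Fraction as F

# Constructed value: the page names mintPriceThreshold but gives no number.
MINT_PRICE_THRESHOLD = F(101, 100)

def basket_usd(dai_usd, dai_share):
    """USD value of a $1-nominal basket: dai_share in DAI, the rest still at peg."""
    return dai_share * dai_usd + (1 - dai_share)

def twap_price(dollar_usd, pool3_usd):
    """Model of getTwapPrice(): Dollar priced in 3pool tokens, not in USD."""
    return dollar_usd / pool3_usd

def original_check(dollar_usd, pool3_usd):
    """The 'Dollar price too low' guard as the report describes it."""
    return twap_price(dollar_usd, pool3_usd) >= MINT_PRICE_THRESHOLD

def hardened_check(dollar_usd, pool3_usd):
    """Report's recommendation: also require the 3pool token to be worth >= 1 USD
    (pool3_usd stands for a value read from an independent oracle)."""
    return pool3_usd >= 1 and original_check(dollar_usd, pool3_usd)

def scenario(dai_usd, pool_dai_share, collateral_dai_share, premium=F(1)):
    """Assumption: each token trades at its DAI-weighted backing; premium scales Dollar."""
    pool3_usd = basket_usd(dai_usd, pool_dai_share)
    dollar_usd = basket_usd(dai_usd, collateral_dai_share) * premium
    return {
        "dollar_usd": dollar_usd,
        "pool3_usd": pool3_usd,
        "twap": twap_price(dollar_usd, pool3_usd),
        "original": original_check(dollar_usd, pool3_usd),
        "hardened": hardened_check(dollar_usd, pool3_usd),
    }

def bypass_prices(pool_dai_share, collateral_dai_share, cents=range(80, 101)):
    """DAI prices at which minting passes the original guard while Dollar < 1 USD."""
    hits = []
    for c in cents:
        s = scenario(F(c, 100), pool_dai_share, collateral_dai_share)
        if s["original"] and s["dollar_usd"] < 1:
            hits.append(F(c, 100))
    return hits

if __name__ == "__main__":
    for dai in bypass_prices(F(3, 5), F(1, 2)):
        s = scenario(dai, F(3, 5), F(1, 2))
        print(f"DAI={float(dai):.2f} twap={float(s['twap']):.4f} "
              f"dollar_usd={float(s['dollar_usd']):.3f} hardened={s['hardened']}")
```

With DAI at 60% of the 3pool basket and 50% of the Dollar collateral, the relative price stays above the threshold for every DAI price from 0.80 to 0.90 even though the Dollar is worth less than 1 USD; when the collateral is more DAI-heavy than the pool, the original guard trips on its own.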

@github-actions github-actions bot added the Excluded Excluded by the judge without consulting the protocol or the senior label Jan 14, 2024
@sherlock-admin2

1 comment(s) were left on this issue during the judging contest.

auditsea commented:

Not required

@github-actions github-actions bot added Medium A valid Medium severity issue Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label and removed Excluded Excluded by the judge without consulting the protocol or the senior labels Jan 16, 2024
@sherlock-admin2

1 comment(s) were left on this issue during the judging contest.

auditsea commented:

Not required

@sherlock-admin sherlock-admin changed the title Acrobatic Champagne Turkey - The 'Dollar price too low' check may be insufficient under certain circumstances ge6a - The 'Dollar price too low' check may be insufficient under certain circumstances Jan 24, 2024
@sherlock-admin sherlock-admin added the Reward A payout will be made for this issue label Jan 24, 2024
@Czar102 Czar102 removed the Medium A valid Medium severity issue label Feb 14, 2024
@sherlock-admin sherlock-admin added Non-Reward This issue will not receive a payout and removed Reward A payout will be made for this issue labels Feb 14, 2024
@Czar102 Czar102 added the Medium A valid Medium severity issue label Feb 19, 2024
@sherlock-admin sherlock-admin added Reward A payout will be made for this issue and removed Non-Reward This issue will not receive a payout labels Feb 19, 2024