Incorrect price calculations in MasterPriceOracle allow for profitable arbitrage attacks.

Summary

The inadequate precision in the price calculations due to improper handling of values will cause a significant financial impact for stakers as the attacker will exploit the rounding errors to manipulate asset valuations.

Root Cause

In MasterPriceOracle.sol:53 the rounding errors in the price calculations lead to incorrect asset valuations.

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

The attacker queries the price from the oracle.
The attacker identifies a significant discrepancy between the oracle price and the actual market price.
The attacker buys assets at the manipulated price.
The attacker sells the assets at the actual market price, realizing a profit due to the rounding errors in the price calculations.

Impact

The vulnerability allows an attacker to manipulate asset valuations, resulting in financial losses for users who rely on incorrect pricing data.

PoC

No response

Mitigation

No response

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

018.md

018.md

Incorrect price calculations in MasterPriceOracle allow for profitable arbitrage attacks.

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation

Files

018.md

Latest commit

History

018.md

File metadata and controls

Incorrect price calculations in MasterPriceOracle allow for profitable arbitrage attacks.

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation