Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Zealous Black Grasshopper - Assumption of Fixed Token Exponent in currentValue Function #886

Open
sherlock-admin2 opened this issue Dec 9, 2024 · 0 comments
Open

Zealous Black Grasshopper - Assumption of Fixed Token Exponent in currentValue Function #886

sherlock-admin2 opened this issue Dec 9, 2024 · 0 comments

Comments

@sherlock-admin2
Copy link

Zealous Black Grasshopper

Medium

Assumption of Fixed Token Exponent in currentValue Function

Summary

The currentValue function assumes that all token prices from the pythOracle use an exponent of 8. However, different token pairs in the Pyth Network may have varying exponents. This implicit assumption can lead to incorrect calculations when tokens with non-standard exponents are used.
Here are few of many tokens that does not have expo 8 from the oracle
- SHIB-EXPO(10)
- SCROLL-EXPO(10)
- BABYDOGE-EXPO(12)
- BBSOL-EXPO(12)

Root Cause

No response

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

Incorrect Price Calculations - Orders, swaps, or value estimations involving tokens with non-standard exponents may yield incorrect results, leading to funds loss.

PoC

No response

Mitigation

No response
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sherlock-admin2