Platform: Code4rena
Start Date: 23/06/2023
Pot Size: $60,500 USDC
Total HM: 31
Participants: 132
Period: 10 days
Judge: 0xean
Total Solo HM: 10
Id: 254
League: ETH
Rank: 125/132
Findings: 1
Award: $1.32
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: bytes032
Also found by: 0xMAKEOUTHILL, 0xgrbr, 0xkazim, 0xnacho, Arz, Co0nan, CrypticShepherd, Cryptor, HE1M, Iurii3, LaScaloneta, LokiThe5th, LuchoLeonel1, MrPotatoMagic, Musaka, Qeew, RedTiger, SovaSlava, Toshii, Vagner, a3yip6, azhar, bart1e, devival, hl_, jnrlouis, kutugu, peanuts, pep7siup, qpzm, smaul
1.3247 USDC - $1.32
https://github.com/code-423n4/2023-06-lybra/blob/7b73ef2fbb542b569e182d9abf79be643ca883ee/contracts/lybra/pools/LybraRETHVault.sol#L9-L11 https://github.com/code-423n4/2023-06-lybra/blob/7b73ef2fbb542b569e182d9abf79be643ca883ee/contracts/lybra/pools/LybraRETHVault.sol#L46-L49
Wrong function called in rETH implementation
The function getAssetPrice relies on the function getexchangeratio called using an interface for the rockettoken interface, in order to calculate the rETH exchange rate for a collateral asset. The problem is that the function getexchangeratio does not exist in the in the interface.
That means that the function getAssetprice will revert when called
Manual Review
Use the function getexchangerate from rockettoken rETH interface
Other
#0 - c4-pre-sort
2023-07-04T13:17:50Z
JeffCX marked the issue as duplicate of #27
#1 - c4-judge
2023-07-28T17:14:12Z
0xean changed the severity to 2 (Med Risk)
#2 - c4-judge
2023-07-28T17:15:15Z
0xean marked the issue as satisfactory