Platform: Code4rena
Start Date: 08/05/2023
Pot Size: $90,500 USDC
Total HM: 17
Participants: 102
Period: 7 days
Judge: 0xean
Total Solo HM: 4
Id: 236
League: ETH
Rank: 23/102
Findings: 2
Award: $788.63
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: peanuts
Also found by: 0xStalin, jasonxiale, volodya
731.996 USDC - $732.00
PoolLens.getPoolBadDebt calculates the badDebt.badDebtUsd without scaling.
In function PoolLens.getPoolBadDebt, `` is used without scaling,
266 badDebt.badDebtUsd = 267 VToken(address(markets[i])).badDebt() * 268 priceOracle.getUnderlyingPrice(address(markets[i]));
For the rest of calling priceOracle.getUnderlyingPrice, they have been scaling such as
https://github.com/code-423n4/2023-05-venus/blob/8be784ed9752b80e6f1b8b781e2e6251748d0d7e/contracts/Comptroller.sol#L1105-L1106
https://github.com/code-423n4/2023-05-venus/blob/8be784ed9752b80e6f1b8b781e2e6251748d0d7e/contracts/RiskFund/RiskFund.sol#L240-L246
https://github.com/code-423n4/2023-05-venus/blob/8be784ed9752b80e6f1b8b781e2e6251748d0d7e/contracts/Shortfall/Shortfall.sol#L393
VS
Decimal
#0 - c4-judge
2023-05-18T10:41:05Z
0xean marked the issue as duplicate of #316
#1 - c4-judge
2023-06-05T14:25:14Z
0xean marked the issue as satisfactory