You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In the previous implementation, cbETH, rETH, ankrETH Use ETH as ref
But it should actually be ETH2, and token.exchangeRate() is for ETH2 and the corresponding pegPricei s inaccurate
Mitigation
PR 899
Adjusted to EHT2 and introduced targetPerTokChainlinkFeed instead of _underlyingRefPerTok for price calculation
the mitigation resolved the original issue.
Lines of code
Vulnerability details
In the previous implementation, cbETH, rETH, ankrETH Use
ETH
asref
But it should actually be
ETH2
, andtoken.exchangeRate()
is forETH2
and the correspondingpegPrice
i s inaccurateMitigation
PR 899
Adjusted to
EHT2
and introducedtargetPerTokChainlinkFeed
instead of_underlyingRefPerTok
for price calculationthe mitigation resolved the original issue.
obscure
Reth Is to provide
reth.burn()
geteth
fromreth
viagetExchangeRate()
without loss.https://etherscan.io/token/0xae78736cd615f374d3085123a210448e74fc6393#code
So it makes sense for
reth
to useeth
as aref
.It's a slightly different situation than
cbETH
,ankrETH
.The text was updated successfully, but these errors were encountered: