056.md

File metadata and controls

34 lines (23 loc) · 1.71 KB

0xlmanini

high

Incorrect decimals assumption

Summary

StableOracleDAI.sol assumes the price reported by Chainlink has 8 decimals, while the feed actually reports 18.

Vulnerability Detail

priceFeedDAIETH is set to the address 0x773616E4d11A78F511299002da57A0a94577F1f4, which matches this Chainlink price feed. As can be seen on the price feed's Etherscan page, the price is reported with 18 decimals, like every Chainlink feed that quotes against ETH. When calculating the value to return, the oracle takes the mean of the price from Uniswap's TWAP oracle and the price from Chainlink. In doing so it assumes the Chainlink price has 8 decimals and therefore multiplies it by 1e10.

Impact

Users of this oracle expect the returned value to be in 18 dp, while it is actually in 9 dp. Substituting 1e18-scaled inputs into the return expression gives the order-of-magnitude check: 1e18 * 1e18 / ((1e18 + 1e18 * 1e10) / 2) ~= 1e36 / (1e28 / 2) = 1e36 / 1e27 = 1e9

As a consequence, USSD.sol#calculateMint() will return a much smaller amount of USSD to be minted in exchange for DAI.
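The following Python model, added here and not part of the report or the USSD code base, reproduces the report's precision check with integer arithmetic: it mirrors the vulnerable `getPriceUSD()` expression, shows the result collapsing from 19 digits (18 dp) to 9 digits when an 18-decimal Chainlink answer is scaled by 1e10, and contrasts it with a variant that normalizes the answer by the feed's own `decimals()` value instead of assuming one. Following the report's check, both price sources are treated as the same 18-decimal quantity; the function names and the 1800-USD sample prices are constructed assumptions, not live feed data.

```python
# Added example, not code from the USSD project: models StableOracleDAI.getPriceUSD()
# to show the effect of assuming 8 decimals on an 18-decimal Chainlink answer.
# All prices are constructed sample values; function names are this example's own.

WAD = 10**18  # 18-decimal fixed-point scale used throughout


def normalize_to_18(answer: int, feed_decimals: int) -> int:
    """Scale a Chainlink answer to 18 decimals using the feed's reported decimals().

    A robust oracle reads decimals() from the aggregator rather than hard-coding 8.
    """
    if feed_decimals > 18:
        return answer // 10 ** (feed_decimals - 18)
    return answer * 10 ** (18 - feed_decimals)


def price_usd_buggy(weth_price_usd: int, dai_weth_twap: int, chainlink_answer: int) -> int:
    """Mirror of the vulnerable expression: always multiplies the feed answer by 1e10."""
    return (weth_price_usd * WAD) // ((dai_weth_twap + chainlink_answer * 10**10) // 2)


def price_usd_fixed(weth_price_usd: int, dai_weth_twap: int,
                    chainlink_answer: int, feed_decimals: int) -> int:
    """Same formula, but the feed answer is normalized by its actual decimals first."""
    chainlink_18 = normalize_to_18(chainlink_answer, feed_decimals)
    return (weth_price_usd * WAD) // ((dai_weth_twap + chainlink_18) // 2)


def digit_count(x: int) -> int:
    """Digits in the integer result; a 1 USD price in 18 dp has 19 digits."""
    return len(str(x))


# Constructed inputs (not live data): ETH at 1800 USD, and both sources quoting the
# same 18-decimal quantity, as in the report's precision check.
WETH_PRICE_USD = 1800 * WAD
DAI_WETH_TWAP = 1800 * WAD
CHAINLINK_DAI_ETH = 1800 * WAD     # the DAI/ETH feed reports 18 decimals
CHAINLINK_DECIMALS = 18            # what priceFeedDAIETH.decimals() would return


def demo() -> tuple[int, int]:
    """Return (buggy, fixed) prices for the constructed inputs."""
    buggy = price_usd_buggy(WETH_PRICE_USD, DAI_WETH_TWAP, CHAINLINK_DAI_ETH)
    fixed = price_usd_fixed(WETH_PRICE_USD, DAI_WETH_TWAP, CHAINLINK_DAI_ETH, CHAINLINK_DECIMALS)
    return buggy, fixed


if __name__ == "__main__":
    buggy, fixed = demo()
    print(f"buggy: {buggy} ({digit_count(buggy)} digits)")
    print(f"fixed: {fixed} ({digit_count(fixed)} digits)")
```

With the fix the oracle returns exactly 1e18 (1 USD in 18 dp) for these inputs; the vulnerable expression returns a 9-digit value, roughly a factor of 5e9 too small, which is the shortfall that propagates into `calculateMint()`. Reading `decimals()` from the aggregator makes the scaling hold for any feed, not only this one.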

Code Snippet

StableOracleDAI.sol#getPriceUSD()

Tool used

Manual Review

Recommendation

Change the return value expression:

- return (wethPriceUSD * 1e18) / ((DAIWethPrice + uint256(price) * 1e10) / 2);
+ return (wethPriceUSD * 1e18) / ((DAIWethPrice + uint256(price)/ 2);
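Review bot: the `+` line has unbalanced parentheses and will not compile: `((DAIWethPrice + uint256(price)/ 2);` opens three parentheses and closes only two, and once the missing one is added at the end the `/ 2` would apply only to `uint256(price)` rather than to the sum. The intended expression is `return (wethPriceUSD * 1e18) / ((DAIWethPrice + uint256(price)) / 2);`, which drops the `* 1e10` scaling and averages the two 18-decimal prices. A more durable fix would scale the answer by `10 ** (18 - priceFeedDAIETH.decimals())` instead of hard-coding either assumption, so the oracle stays correct if the feed's decimals differ.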