0xlmanini
medium
This condition within USSDRebalancer.sol is always true
The if statement is meant to guard against buying DAI for a second time within SellUSSDBuyCollateral(). The condition checked in this if statement is always true, as :
| collateral[i].token != token0 | collateral[i].token != token1 | collateral[i].token != token0 OR collateral[i].token != token1 |
|---|---|---|
| false | false | false |
| false | true | true |
| true | false | true |
| true | true | true |
Notice that the first case presented above is impossible, as it implies token == token0 == token1 and it's always true that token0 != token1.
Hence, no real guard against buying DAI twice is present.
Assuming the system is going to be delpoyed as shown in the project's test case, DAI will be employed as a collateral with empty pathbuy and pathsell fields. This implies that when this statement is hit, the Rebalancer will attempt to trade on Uniswap's Router passing an empty path of tokens, which will cause the transaction to revert.
As a consequence, every time DAI's collateral value percentage w.r.t. the system's total collateral valuation is lower than the current flutter's distribution plan, the system's rebalancing will fail.
System is unable to rebalance itself under certain conditions.
USSDRebalancer.sol#SellUSSDBuyCollateral() USSD.sol#UniV3SwapInput()
Manual Review
Change the if condition to:
- if (collateral[i].token != uniPool.token0() || collateral[i].token != uniPool.token1()) {
+ if (collateral[i].token != uniPool.token0() && collateral[i].token != uniPool.token1()) {effectively checking that collateral[i].token isn't present in the pool.