Omniscia Euler Finance Audit
PegStabilityModule Manual Review Findings
PegStabilityModule Manual Review Findings
PSM-01M: Inexistent Sanitization of Fees
| Type | Severity | Location |
|---|---|---|
| Input Sanitization |  | PegStabilityModule.sol:L26, L27 |
Description:
The TO_UNDERLYING_FEE and TO_SYNTH_FEE fees must always be less than the BPS_SCALE, however, the PegStabilityModule::constructor does not presently sanitize them.
Impact:
The contract can always be redeployed if misconfigured, rendering this exhibit to be informational in nature.
Example:
21constructor(address _evc, address _synth, address _underlying, uint256 toUnderlyingFeeBPS, uint256 toSynthFeeBPS)22 EVCUtil(IEVC(_evc))23{24 synth = ESynth(_synth);25 underlying = IERC20(_underlying);26 TO_UNDERLYING_FEE = toUnderlyingFeeBPS;27 TO_SYNTH_FEE = toSynthFeeBPS;28}Recommendation:
We advise them to be properly sanitized, ensuring that the calculations of the PegStabilityModule::quoteTo-prefixed functions will be properly performed.
Alleviation (fb2dd77a6ff9b7f710edb48e7eb5437e0db4fc1a):
The referenced fees are adequately sanitized via if-revert pattern checks introduced to the PegStabilityModule::constructor, addressing this exhibit.
PSM-02M: Inexistent Reversion of Rounding Direction
| Type | Severity | Location |
|---|---|---|
| Logical Fault |  | PegStabilityModule.sol:L70-L72, L78-L80 |
Description:
The PegStabilityModule::quoteTo-prefixed functions will always round towards 0 which is incorrect for the output-to-input conversion mechanisms which should instead round upwards.
Impact:
The accounting error that presently exists in the PegStabilityModule may result in discrepant output amounts for the same input amount depending on which conversion avenue was utilized and the amounts involved.
Example:
66function quoteToUnderlyingGivenIn(uint256 amountIn) public view returns (uint256) {67 return amountIn * (BPS_SCALE - TO_UNDERLYING_FEE) / BPS_SCALE;68}69
70function quoteToUnderlyingGivenOut(uint256 amountOut) public view returns (uint256) {71 return amountOut * BPS_SCALE / (BPS_SCALE - TO_UNDERLYING_FEE);72}73
74function quoteToSynthGivenIn(uint256 amountIn) public view returns (uint256) {75 return amountIn * (BPS_SCALE - TO_SYNTH_FEE) / BPS_SCALE;76}77
78function quoteToSynthGivenOut(uint256 amountOut) public view returns (uint256) {79 return amountOut * BPS_SCALE / (BPS_SCALE - TO_SYNTH_FEE);80}Recommendation:
We advise the output-to-input conversion mechanisms to round in the appropriate direction, ensuring that a user cannot supply less input than normally expected for a particular output.
Alleviation (fb2dd77a6ff9b7f710edb48e7eb5437e0db4fc1a):
The Euler Finance team evaluated this exhibit and opted to acknowledge it as they believe that inverse rounding between the input and output conversion mechanisms would confuse integrators.