064.md

shaka

high

Wrong address for ethOracle in StableOracleDAI.sol

Summary

Wrong address for ethOracle in StableOracleDAI.sol.

Vulnerability Detail

In the constructor of StableOracleDAI.sol ethOracle is initialized with the address 0x0000000000000000000000000000000000000000.

Impact

Calls to StableOracleDAI.sol:getPriceUSD() will fail, which will make not possible minting or rebalancing USSD.

Code Snippet

https://github.com/sherlock-audit/2023-05-USSD/blob/main/ussd-contracts/contracts/oracles/StableOracleDAI.sol#L30

Tool used

Manual Review

Recommendation

Use the correct address: 0x60594a405d53811d3bc4766596efd80fd545a270.