Proud Wintergreen Butterfly
High
Wooracle uses prices that were calculated using the previous call of Pyth’s oracle.
In swap.rs, when token_mint is not equal to quote_token_mint, the function get_price::get_state_impl is called to fetch the price from the wooracle. However, instead of returning the price fetched from Pyth's oracle, the function only checks whether the fetched price is within the configured bounds of the price that was manually set in the wooracle's price variable. The price is then updated using the wooracle's price variable and their formula, which again yields a price that is not equal to the oracle's price.
Since the wooracle's price does not match Pyth's price, either legitimate users receive worse prices (loss of funds) or malicious users extract value from the pools (arbitrage) by trading whenever the wooracle's price deviates from Pyth's oracle price.
[Fetching price when from.token_mint is not equal to from.quote_token_mint](https://github.com/sherlock-audit/2024-08-woofi-solana-deployment/blob/main/WOOFi_Solana/programs/woofi/src/instructions/swap.rs#L135-L149)
[Fetching price when to.token_mint is not equal to to.quote_token_mint](https://github.com/sherlock-audit/2024-08-woofi-solana-deployment/blob/main/WOOFi_Solana/programs/woofi/src/instructions/swap.rs#L168-L180)
[get_price::get_state_impl](https://github.com/sherlock-audit/2024-08-woofi-solana-deployment/blob/main/WOOFi_Solana/programs/woofi/src/instructions/get_price.rs#L112) [price_out is oracle.price instead of Pyth’s price](https://github.com/sherlock-audit/2024-08-woofi-solana-deployment/blob/main/WOOFi_Solana/programs/woofi/src/instructions/get_price.rs#L84-L90)
Manual Review
Instead of only checking whether wooracle.price is within the bounds set in the wooracle and returning that manually set value, use the price fetched from Pyth as the output price.
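The following is an added illustration of the reported pattern and the recommended fix; it is not WOOFi's code and simplifies get_state_impl to a bound check between the Pyth price and the manually set wooracle price (the bound in basis points, the fixed-point scale and the PriceState struct are assumptions).

```rust
// Simplified model of the finding (assumption: prices are u128 fixed-point
// values with two decimals, bound is expressed in basis points).
#[derive(Debug, Clone, Copy)]
pub struct PriceState {
    pub price: u128,    // price returned to the swap
    pub feasible: bool, // whether the quote passed the bound check
}

fn abs_diff(a: u128, b: u128) -> u128 {
    if a > b { a - b } else { b - a }
}

/// Reported behaviour: Pyth's price is used only to validate the manually
/// set wooracle price, and the wooracle price is what gets returned.
pub fn get_state_vulnerable(pyth_price: u128, wooracle_price: u128, bound_bps: u128) -> PriceState {
    let tolerance = pyth_price * bound_bps / 10_000;
    let within_bound = abs_diff(pyth_price, wooracle_price) <= tolerance;
    PriceState { price: wooracle_price, feasible: within_bound }
}

/// Recommended fix: keep the sanity check, but return the fetched Pyth price.
pub fn get_state_fixed(pyth_price: u128, wooracle_price: u128, bound_bps: u128) -> PriceState {
    let tolerance = pyth_price * bound_bps / 10_000;
    let within_bound = abs_diff(pyth_price, wooracle_price) <= tolerance;
    PriceState { price: pyth_price, feasible: within_bound }
}

/// Mispricing of a feasible quote relative to the reference price; this is
/// the per-unit gap that the finding describes as lost to users or arbitrage.
pub fn price_gap_vs_pyth(state: PriceState, pyth_price: u128) -> u128 {
    if !state.feasible {
        return 0;
    }
    abs_diff(state.price, pyth_price)
}

fn main() {
    // Constructed sample: Pyth reports 100.00, wooracle was set to 98.50, bound 2%.
    let (pyth, manual, bound_bps) = (10_000u128, 9_850u128, 200u128);
    let v = get_state_vulnerable(pyth, manual, bound_bps);
    let f = get_state_fixed(pyth, manual, bound_bps);
    println!("vulnerable quote {} gap {}", v.price, price_gap_vs_pyth(v, pyth));
    println!("fixed quote {} gap {}", f.price, price_gap_vs_pyth(f, pyth));
}
```

The vulnerable path accepts the 1.5% stale price as feasible and quotes it, so every swap settles 150 units away from the reference; the fixed path passes the same check but quotes the Pyth price and the gap is zero.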