Closed code423n4 closed 2 years ago
https://github.com/code-423n4/2022-03-rolla/blob/a06418c9cc847395f3699bdf684a9ac066651ed7/quant-protocol/contracts/pricing/oracle/ChainlinkOracleManager.sol#L112-L120
```solidity
function getCurrentPrice(address _asset)
    external
    view
    override(ProviderOracleManager, IProviderOracleManager)
    returns (uint256)
{
    address assetOracle = getAssetOracle(_asset);
    IEACAggregatorProxy aggregator = IEACAggregatorProxy(assetOracle);
    int256 answer = aggregator.latestAnswer();
```
According to Chainlink's documentation, the `latestAnswer` function is deprecated. This function does not error if no answer has been reached but returns 0, causing an incorrect price to be fed to the `EIP1271Wallet`.
See also: https://github.com/code-423n4/2021-07-wildcredit-findings/issues/75
Duplicate of #17
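One way to read the feed without silently accepting a zero answer, as an added example that is not part of the original report or the Rolla code base: it uses Chainlink's `latestRoundData()` in place of `latestAnswer()` and reverts when the answer is missing or old. The contract name `CheckedPriceReader`, the function `getCheckedPrice` and the `MAX_PRICE_AGE` bound are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Chainlink's round-data interface, reduced to the one call used here.
interface AggregatorV3Interface {
    function latestRoundData()
        external
        view
        returns (
            uint80 roundId,
            int256 answer,
            uint256 startedAt,
            uint256 updatedAt,
            uint80 answeredInRound
        );
}

// Hypothetical reader contract; names and the age bound are assumptions.
contract CheckedPriceReader {
    // Assumed staleness bound; choose it from the heartbeat of the feed in use.
    uint256 public constant MAX_PRICE_AGE = 1 hours;

    function getCheckedPrice(address _assetOracle) external view returns (uint256) {
        (, int256 answer, , uint256 updatedAt, ) =
            AggregatorV3Interface(_assetOracle).latestRoundData();

        // latestAnswer() would return 0 in this case; reject it instead.
        require(answer > 0, "oracle: no valid answer");
        // updatedAt == 0 means the round has not completed.
        require(updatedAt != 0, "oracle: round not complete");
        // Refuse prices older than the assumed bound.
        require(block.timestamp - updatedAt <= MAX_PRICE_AGE, "oracle: stale price");

        // Safe cast: answer is strictly positive at this point.
        return uint256(answer);
    }
}
```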