search

code-423n4 / 2022-04-phuture-findings

0 stars 0 forks source link

Chainlink's latestRoundData missing security checks #24

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Lines of code

Vulnerability details

Impact

Protocol uses Chainlink as one of the oracles that provides prices for the assets. Chainlink's latestRoundData is used but the implementation is missing important security checks that can result in stale and incorrect prices being returned.

Proof of Concept

Tools Used

Manual Review / VSCode

Recommended Mitigation Steps

It is recommended to add checks on the returned data of latestRoundData with proper revert messages if the price is stale or the round is incomplete, for example:

(
  roundId,
  rawPrice,
  ,
  updateTime,
  answeredInRound
) = baseAggregator.latestRoundData();
require(rawPrice > 0, "price <= 0");
require(updateTime != 0, "incomplete round");
require(answeredInRound >= roundId, "stale price");
olivermehr commented 2 years ago

Duplicate issue of #1