code-423n4 / 2022-12-tigris-findings


ChainLink oracle could be using stale data #624

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/utils/TradingLibrary.sol#L113

Vulnerability details

Impact

ChainLink oracle could be using stale data, which can cause unexpected behavior in trading and make trading susceptible to oracle attacks (flash loans, etc.).

Proof of Concept

In verifyPrice() (https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/utils/TradingLibrary.sol#L113), the ChainLink feed should use latestRoundData() instead of latestAnswer(), since latestAnswer() returns the last value but the data could be stale. Using latestRoundData() allows for checking the updateTime and answeredInRound fields for staleness validation.

Tools Used

None

Recommended Mitigation Steps

Use (roundId, price, , updateTime, answeredInRound) = IPrice(_chainlinkFeed).latestRoundData() and add latestRoundData() to the IPrice interface.
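The pattern the finding describes, as an added example that is not the Tigris code: the latestAnswer() read beside a latestRoundData() read that rejects stale or incomplete rounds. IAggregator mirrors the two relevant functions of Chainlink's AggregatorV3Interface; PriceCheckExample, MAX_STALENESS and the feed parameter are assumptions standing in for the project's IPrice and _chainlinkFeed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Minimal aggregator interface; both functions exist on Chainlink's
// AggregatorV3Interface with these signatures.
interface IAggregator {
    function latestAnswer() external view returns (int256);
    function latestRoundData()
        external
        view
        returns (
            uint80 roundId,
            int256 answer,
            uint256 startedAt,
            uint256 updatedAt,
            uint80 answeredInRound
        );
}

// Hypothetical contract for illustration only (not part of the project).
contract PriceCheckExample {
    // Assumed heartbeat tolerance; the right value depends on the feed.
    uint256 public constant MAX_STALENESS = 1 hours;

    // Pattern the finding flags: latestAnswer() returns a value with no
    // way to tell how old it is or whether its round ever completed.
    function stalePrice(address feed) external view returns (int256) {
        return IAggregator(feed).latestAnswer();
    }

    // Pattern the finding recommends: latestRoundData() exposes updatedAt
    // and answeredInRound, so the caller can reject stale or partial rounds.
    function freshPrice(address feed) external view returns (uint256) {
        (
            uint80 roundId,
            int256 answer,
            ,
            uint256 updatedAt,
            uint80 answeredInRound
        ) = IAggregator(feed).latestRoundData();
        require(answer > 0, "invalid price");                  // zero/negative answer
        require(updatedAt != 0, "round not complete");         // round never finalized
        require(answeredInRound >= roundId, "stale round");    // answer from an older round
        require(block.timestamp - updatedAt <= MAX_STALENESS, "stale price");
        return uint256(answer);
    }
}
```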

c4-judge commented 1 year ago

GalloDaSballo marked the issue as duplicate of #655

c4-judge commented 1 year ago

GalloDaSballo marked the issue as satisfactory