code-423n4 / 2023-07-moonwell-findings


Potential Stale Data Due to Inadequate Round Validation #331

Closed code423n4 closed 11 months ago

code423n4 commented 12 months ago

Lines of code

https://github.com/code-423n4/2023-07-moonwell/blob/main/src/core/Oracles/ChainlinkCompositeOracle.sol#L180-L195

Vulnerability details

Impact

Even though the dev is checking if the data is stale or not, some valid prices could still be considered as invalid because of this line: answeredInRound == roundId. Sometimes the answeredInRound might be greater than roundId and would still be valid, but in this case it would be considered as stale.

Proof of Concept

        bool valid = price > 0 && answeredInRound == roundId;

Using answeredInRound == roundId will not cover the cases where answeredInRound is still valid and not stale but is greater than roundId, which happens in Chainlink.

Tools Used

Manual review

Recommended Mitigation Steps

Use answeredInRound >= roundId instead; it covers more scenarios, including unexpected ones where answeredInRound might be greater than roundId, ensuring data is not stale.

Assessed type

Oracle
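For reference, the following is an added example of a Chainlink round-validation routine that applies the full set of checks a consumer of `latestRoundData()` normally combines: a positive answer, the `answeredInRound >= roundId` ordering check the report recommends, and a timestamp-based staleness check. It is not code from the Moonwell repository or from this report; the `AggregatorV3Interface` signature is the standard Chainlink one, while the contract name, the `heartbeat` parameter and the error names are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Standard Chainlink aggregator interface (subset actually used here).
interface AggregatorV3Interface {
    function latestRoundData()
        external
        view
        returns (
            uint80 roundId,
            int256 answer,
            uint256 startedAt,
            uint256 updatedAt,
            uint80 answeredInRound
        );
}

// Added example, not Moonwell code. Wraps one feed and rejects answers that
// are non-positive, reported for an earlier round than the one queried, or
// older than the feed's configured heartbeat (heartbeat is an assumed input).
contract ChainlinkRoundValidator {
    AggregatorV3Interface public immutable feed;
    uint256 public immutable heartbeat; // max accepted age of a round, in seconds

    error InvalidAnswer(int256 answer);
    error IncompleteRound(uint80 roundId, uint80 answeredInRound);
    error StaleRound(uint256 updatedAt, uint256 nowTimestamp);

    constructor(address feed_, uint256 heartbeat_) {
        feed = AggregatorV3Interface(feed_);
        heartbeat = heartbeat_;
    }

    // Pure validation logic, separated from the external call so it can be
    // unit-tested with constructed round data. Returns false instead of
    // reverting so callers can decide how to treat an invalid round.
    function isRoundValid(
        uint80 roundId,
        int256 answer,
        uint256 updatedAt,
        uint80 answeredInRound,
        uint256 nowTimestamp
    ) public view returns (bool) {
        if (answer <= 0) return false;                      // no zero/negative prices
        if (answeredInRound < roundId) return false;        // answer from an older round
        if (updatedAt == 0) return false;                   // round never completed
        if (nowTimestamp - updatedAt > heartbeat) return false; // older than heartbeat
        return true;
    }

    // Reverting variant for use on the hot path; each failure has its own error.
    function getValidatedPrice() external view returns (uint256) {
        (
            uint80 roundId,
            int256 answer,
            ,
            uint256 updatedAt,
            uint80 answeredInRound
        ) = feed.latestRoundData();

        if (answer <= 0) revert InvalidAnswer(answer);
        if (answeredInRound < roundId) revert IncompleteRound(roundId, answeredInRound);
        if (updatedAt == 0 || block.timestamp - updatedAt > heartbeat) {
            revert StaleRound(updatedAt, block.timestamp);
        }
        return uint256(answer);
    }
}
```

The `==` versus `>=` comparison on `answeredInRound` only changes which rounds pass the ordering check; neither form says anything about how old the round is, which is why the `updatedAt`/`heartbeat` check is carried alongside it in this example.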

0xSorryNotSorry commented 11 months ago

OOS --> [M-02] Insufficient oracle validation

c4-pre-sort commented 11 months ago

0xSorryNotSorry marked the issue as low quality report

c4-judge commented 11 months ago

alcueca marked the issue as unsatisfactory: Invalid