Open c4-submissions opened 10 months ago
raymondfam marked the issue as sufficient quality report
raymondfam marked the issue as duplicate of #32
raymondfam marked the issue as not a duplicate
raymondfam marked the issue as duplicate of #194
raymondfam marked the issue as duplicate of #723
fatherGoose1 changed the severity to QA (Quality Assurance)
fatherGoose1 marked the issue as grade-b
Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/f751d7594051c0766c7ecd1e68daeb0661e43ee3/src/oracles/ChainlinkPriceOracle.sol#L37
https://github.com/code-423n4/2023-11-kelp/blob/f751d7594051c0766c7ecd1e68daeb0661e43ee3/src/LRTDepositPool.sol#L109
Vulnerability details
Impact
The lack of a fallback for the price feed oracle means a failing oracle produces reverts or zero prices, putting the protocol at risk of unexpected and undesirable behaviour.
Proof of Concept
The asset price relies solely on the Chainlink oracle, which can be down, can report a wrong answer when the aggregator's minAnswer or maxAnswer bound is reached, or can return a 0 price when no answer is available. As a result, users either cannot exchange tokens, exchange them at unfair rates, or mint zero rsETH.
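As an added illustration (not the Kelp code base's own oracle), the sketch below shows how a price oracle can validate a Chainlink answer against the failure modes described above (zero answer, clamped at the configured minAnswer/maxAnswer bounds, stale, or a reverting feed) and fall through to a secondary source instead of returning 0. `IFallbackPriceSource`, `FeedConfig`, `heartbeat` and the configured bound values are assumptions for this example; `latestRoundData()` is the standard Chainlink `AggregatorV3Interface` call.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Subset of Chainlink's AggregatorV3Interface needed here.
interface IAggregatorV3 {
    function latestRoundData() external view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

// Hypothetical secondary source (e.g. a TWAP wrapper) returning a price in the same unit as the feed.
interface IFallbackPriceSource {
    function getPrice(address asset) external view returns (uint256);
}

contract GuardedPriceOracle {
    struct FeedConfig {
        IAggregatorV3 feed;
        uint256 heartbeat; // max acceptable age of an answer, in seconds (assumed, per feed)
        int256 minAnswer;  // configured copy of the aggregator's lower circuit-breaker bound
        int256 maxAnswer;  // configured copy of the aggregator's upper circuit-breaker bound
    }

    mapping(address => FeedConfig) public feeds;
    IFallbackPriceSource public immutable fallbackSource;

    // Access-controlled feed configuration is assumed to exist; only the read path is shown.
    constructor(IFallbackPriceSource fallbackSource_) { fallbackSource = fallbackSource_; }

    function getAssetPrice(address asset) external view returns (uint256) {
        (bool ok, uint256 price) = _tryChainlink(feeds[asset]);
        if (ok) return price;
        // Chainlink answer is unusable: consult the secondary source rather than returning 0.
        uint256 fb = fallbackSource.getPrice(asset);
        require(fb > 0, "no valid price");
        return fb;
    }

    function _tryChainlink(FeedConfig memory cfg) internal view returns (bool, uint256) {
        try cfg.feed.latestRoundData() returns
            (uint80 roundId, int256 answer, uint256, uint256 updatedAt, uint80 answeredInRound) {
            if (answer <= 0) return (false, 0);                                      // no answer / zero price
            if (answer <= cfg.minAnswer || answer >= cfg.maxAnswer) return (false, 0); // pinned at a bound
            if (block.timestamp - updatedAt > cfg.heartbeat) return (false, 0);       // stale round
            if (answeredInRound < roundId) return (false, 0);                         // round not completed
            return (true, uint256(answer));
        } catch {
            return (false, 0); // feed reverted or is unreachable
        }
    }
}
```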
Tools Used
Manual Analysis, Past Reports
Recommended Mitigation Steps
Make use of a backup source such as a Uniswap TWAP, since prices for the assets in the system (for example stETH) are available there. Fallback prices can then be used whenever the Chainlink price is unavailable or invalid.
Assessed type
Other