Potential DOS for price feed if depegging event happen
Proof of Concept
Protocol use wbtc / weth for btc and eth .If the WBTC/WETH bridge is compromised and WBTC/WETH depegs from BTC/ETH, the protocol will continue to price BTC/ETH using the WBTC/WETH price, even though WBTC/WETH will instantly become worth far less than native BTC/ETH due to the bridge compromise.
Lines of code
https://github.com/code-423n4/2024-01-salty/blob/53516c2cdfdfacb662cdea6417c52f23c94d5b5b/src/price_feed/CoreUniswapFeed.sol#L50-L74
Vulnerability details
Impact
Potential DOS for price feed if depegging event happen
Proof of Concept
Protocol use wbtc / weth for btc and eth .If the WBTC/WETH bridge is compromised and WBTC/WETH depegs from BTC/ETH, the protocol will continue to price BTC/ETH using the WBTC/WETH price, even though WBTC/WETH will instantly become worth far less than native BTC/ETH due to the bridge compromise.
Tools Used
manual view
Recommended Mitigation Steps
use btc / eth instead of wbtc/weth
Assessed type
DoS