code-423n4 / 2024-03-abracadabra-money-findings


Contract `MagicLpAggregator.sol` uses deprecated latestAnswer() function #217

Closed c4-bot-4 closed 7 months ago

c4-bot-4 commented 7 months ago

Lines of code

https://github.com/code-423n4/2024-03-abracadabra-money/blob/main/src/oracles/aggregators/MagicLpAggregator.sol#L38-L39

Vulnerability details

Impact

The function `MagicLpAggregator::latestAnswer()` contains the following lines of code:

```solidity
uint256 baseAnswerNomalized = uint256(baseOracle.latestAnswer()) * (10 ** (WAD - baseOracle.decimals()));
uint256 quoteAnswerNormalized = uint256(quoteOracle.latestAnswer()) * (10 ** (WAD - quoteOracle.decimals()));
```

From the Chainlink docs we can verify that the use of latestAnswer() is deprecated and should not be used.

The impact is that the latestAnswer can return 0 and cause the variables baseAnswerNomalized and quoteAnswerNormalized to be set as 0.

Proof of Concept

The NatSpec of `latestAnswer` is the following:

@dev #[deprecated] Use latestRoundData instead. This does not error if no answer has been reached, it will simply return 0. Either wait to point to an already answered Aggregator or use the recommended latestRoundData instead which includes better verification information.

Tools Used

Manual Review, Solodit

Recommended Mitigation Steps

Use the latestRoundData function to get the price instead.

Assessed type

Oracle
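
One way to apply the recommended mitigation, as an added example that is not part of the original issue or the audited repository: a library that reads a Chainlink-style feed through `latestRoundData()` and reverts on a zero, negative, unanswered or stale value before normalizing. The `IFeed` interface, the `CheckedFeed` library, its error names and the `maxAge` parameter are hypothetical, and the 18-decimal target assumes `WAD` is 18 in the snippet quoted above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; not code from the audited repository.
// Minimal Chainlink-style feed interface (only the calls used below).
interface IFeed {
    function decimals() external view returns (uint8);
    function latestRoundData()
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

// Hypothetical helper library; names and thresholds are assumptions.
library CheckedFeed {
    error NonPositiveAnswer(address feed, int256 answer);
    error RoundNotComplete(address feed);
    error StaleAnswer(address feed, uint256 updatedAt);
    error UnsupportedDecimals(address feed, uint8 feedDecimals);

    // Assumed to match WAD in the quoted snippet.
    uint8 internal constant TARGET_DECIMALS = 18;

    /// @notice Returns the feed answer scaled to 18 decimals, reverting
    ///         instead of propagating a zero, negative or stale value.
    /// @param maxAge Maximum accepted age of the answer in seconds (caller-chosen).
    function readNormalized(IFeed feed, uint256 maxAge) internal view returns (uint256) {
        (, int256 answer, , uint256 updatedAt, ) = feed.latestRoundData();

        // latestAnswer() would hand back 0 here without reverting.
        if (answer <= 0) revert NonPositiveAnswer(address(feed), answer);
        // updatedAt == 0 means the round has not been answered yet.
        if (updatedAt == 0) revert RoundNotComplete(address(feed));
        // A timestamp in the future underflows and reverts under 0.8 checked arithmetic.
        if (block.timestamp - updatedAt > maxAge) revert StaleAnswer(address(feed), updatedAt);

        uint8 feedDecimals = feed.decimals();
        // Guard the subtraction so an unexpected feed fails with a clear error.
        if (feedDecimals > TARGET_DECIMALS) revert UnsupportedDecimals(address(feed), feedDecimals);

        return uint256(answer) * (10 ** uint256(TARGET_DECIMALS - feedDecimals));
    }
}
```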

0xm3rlin commented 7 months ago

no factor

c4-pre-sort commented 7 months ago

141345 marked the issue as duplicate of #82

c4-judge commented 7 months ago

thereksfour marked the issue as satisfactory

c4-judge commented 7 months ago

thereksfour marked the issue as unsatisfactory: Invalid