Open c4-bot-9 opened 4 months ago
kalinbas (sponsor) confirmed
Some additional info for the judges: @thank_you and I have marked this issue directly as Unmitigated, instead of submitting it as a separate finding.
This issue is a mitigation error instead of the state of Unmitigated.
So I will upgrade both of these issues to the dup for this issue
jhsagd76 marked the issue as satisfactory
jhsagd76 marked the issue as selected for report
jhsagd76 marked the issue as primary issue
Lines of code
https://github.com/revert-finance/lend/blob/audit/src/V3Oracle.sol#L360-L362

Vulnerability details

C4 issue
ADD-02: Missing L2 sequencer checks for Chainlink oracle

Impact
If `sequencerUptimeFeed` is set, the function will revert most of the time, which affects many other functions in Revert Lend.

Proof of concept
The original issue is fixed by PR #27. The mitigation code adds the sequencer check as follows:

However, as the comment itself states, `sequencerAnswer == 0` indicates that the sequencer is up, yet in exactly that case the code reverts with the `SequencerDown` error (the logic is inverted). The Chainlink docs state the same: "The message calls the updateStatus function in the ArbitrumSequencerUptimeFeed contract and updates the latest sequencer status to 0 if the sequencer is up and 1 if it is down."

Since the sequencer is up most of the time (`sequencerAnswer == 0`), the function will revert most of the time and affect many other functions/contracts.

Recommended Mitigation Steps
Change `if (sequencerAnswer == 0)` to `if (sequencerAnswer == 1)`.

Assessed type
Invalid Validation
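As an added illustration (not code from the Revert Lend repository or from PR #27), the inverted check described above next to the corrected one, in a standalone contract with a constructed mock feed. Contract and function names are assumed; the `GRACE_PERIOD_TIME` check follows Chainlink's published sequencer-feed guidance and goes beyond the finding's one-line fix.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Real Chainlink aggregator signature; only the one call used here is declared.
interface AggregatorV3Interface {
    function latestRoundData()
        external view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

// Constructed mock of an L2 sequencer uptime feed: answer 0 = up, 1 = down (Chainlink convention).
contract MockSequencerFeed is AggregatorV3Interface {
    int256 public answer;
    uint256 public startedAt;

    function set(int256 _answer, uint256 _startedAt) external {
        answer = _answer;
        startedAt = _startedAt;
    }

    function latestRoundData() external view returns (uint80, int256, uint256, uint256, uint80) {
        return (1, answer, startedAt, block.timestamp, 1);
    }
}

contract SequencerCheckExample {
    error SequencerDown();
    error GracePeriodNotOver();

    // Chainlink's guidance: wait out a grace period after the sequencer comes back up (assumed value).
    uint256 public constant GRACE_PERIOD_TIME = 3600;
    AggregatorV3Interface public immutable sequencerUptimeFeed;

    constructor(AggregatorV3Interface feed) {
        sequencerUptimeFeed = feed;
    }

    // The inverted check from the finding: reverts when answer == 0, i.e. whenever the sequencer IS up.
    function checkSequencerInverted() external view {
        (, int256 sequencerAnswer,,,) = sequencerUptimeFeed.latestRoundData();
        if (sequencerAnswer == 0) revert SequencerDown(); // wrong: 0 means up
    }

    // Corrected check: 1 means down; additionally reject reads taken too soon after a restart.
    function checkSequencer() external view {
        (, int256 sequencerAnswer, uint256 startedAt,,) = sequencerUptimeFeed.latestRoundData();
        if (sequencerAnswer == 1) revert SequencerDown();
        if (block.timestamp - startedAt <= GRACE_PERIOD_TIME) revert GracePeriodNotOver();
    }
}
```

Deploying `MockSequencerFeed`, calling `set(0, block.timestamp - 7200)` and then `checkSequencerInverted()` reproduces the revert on a healthy sequencer, while `checkSequencer()` succeeds and only reverts once `set(1, ...)` marks it down.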