code-423n4 / 2024-04-revert-mitigation-findings


ADD-02 Unmitigated #60

Closed c4-bot-8 closed 5 months ago

c4-bot-8 commented 5 months ago

Lines of code

https://github.com/revert-finance/lend/blob/dcfa79924c0e0ba009b21697e5d42d938ad9e5e3/src/V3Oracle.sol#L360

Vulnerability details

C4 Issue

ADD-02: Missing L2 sequencer checks for Chainlink oracle

Original Issue Details

V3Oracle.sol did not implement sequencer uptime checks for the Chainlink oracle on L2

Mitigation

PR-27 does not properly implement the sequencer uptime check.

New Vulnerability Details

The sequencer uptime check is not implemented properly and as a result fetching prices on L2 will always revert.

The Chainlink docs as well as the comments in the code describe the statuses the uptime feed returns:

However the check is implemented in reverse:

https://github.com/revert-finance/lend/blob/audit/src/V3Oracle.sol#L360-L361

    // Answer == 0: Sequencer is up
    // Answer == 1: Sequencer is down
    if (sequencerAnswer == 0) {
        revert SequencerDown();
    }

This means that the function will revert while the sequencer is UP (is 0), while it should be the other way around.

Recommended Mitigation

Update the check to revert when the sequencer is DOWN (is 1).

    // Answer == 0: Sequencer is up
    // Answer == 1: Sequencer is down
    if (sequencerAnswer == 1) {
        revert SequencerDown();
    }

Conclusion

Not Mitigated

Assessed type

Invalid Validation
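The inverted and the recommended check from the finding above, exercised against both feed states, as an added example that is not part of the original submission or of the Revert codebase. `IUptimeFeed`, `MockUptimeFeed`, `SequencerGuard` and `SequencerGuardCheck` are hypothetical names, and the mock's round data is constructed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Subset of Chainlink's AggregatorV3Interface that the check relies on.
interface IUptimeFeed {
    function latestRoundData() external view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

// Constructed stand-in for the L2 sequencer uptime feed (hypothetical name).
contract MockUptimeFeed is IUptimeFeed {
    int256 public status; // 0 = sequencer up, 1 = sequencer down

    function setStatus(int256 s) external { status = s; }

    function latestRoundData() external view override
        returns (uint80, int256, uint256, uint256, uint80)
    {
        return (1, status, block.timestamp, block.timestamp, 1);
    }
}

// Hypothetical wrapper holding both forms of the check side by side.
contract SequencerGuard {
    error SequencerDown();

    // As quoted in the finding: reverts while the sequencer is up.
    function requireUpInverted(IUptimeFeed feed) external view {
        (, int256 sequencerAnswer,,,) = feed.latestRoundData();
        if (sequencerAnswer == 0) revert SequencerDown();
    }

    // As recommended in the finding: reverts only when the feed reports 1.
    function requireUp(IUptimeFeed feed) external view {
        (, int256 sequencerAnswer,,,) = feed.latestRoundData();
        if (sequencerAnswer == 1) revert SequencerDown();
    }
}

// Regression check: drive the mock through both states and record outcomes.
contract SequencerGuardCheck {
    function run() external returns (bool passesWhenUp, bool revertsWhenDown, bool invertedBlocksUp) {
        MockUptimeFeed feed = new MockUptimeFeed();
        SequencerGuard guard = new SequencerGuard();
        feed.setStatus(0); // sequencer up
        try guard.requireUp(feed) { passesWhenUp = true; } catch {}
        try guard.requireUpInverted(feed) {} catch { invertedBlocksUp = true; }
        feed.setStatus(1); // sequencer down
        try guard.requireUp(feed) {} catch { revertsWhenDown = true; }
    }
}
```

A check of this shape, run for both the "up" and "down" answers, is what distinguishes a working guard from one that blocks every price fetch while the sequencer is healthy.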

c4-judge commented 5 months ago

jhsagd76 marked the issue as new finding

c4-judge commented 5 months ago

jhsagd76 marked the issue as satisfactory

c4-judge commented 5 months ago

jhsagd76 marked the issue as duplicate of #5

c4-judge commented 5 months ago

jhsagd76 changed the severity to 2 (Med Risk)