code-423n4 / 2024-05-predy-validation


Calls to Chainlink oracles don't check for stale prices. #591

Closed c4-bot-10 closed 3 months ago

c4-bot-10 commented 3 months ago

Lines of code

https://github.com/code-423n4/2024-05-predy/blob/2fb1e0ec7a52fc06c2e9c8e561bccba84302e4bb/src/PriceFeed.sol#L46-L46

Vulnerability details

The updatedAt timestamp in the Chainlink price feed response is not checked. So outdated prices may be used.

    (, int256 quoteAnswer,,,) = AggregatorV3Interface(_quotePriceFeed).latestRoundData();

Impact

Oracle price feeds can become stale due to a variety of reasons. Using a stale price will result in incorrect calculations in the liquidation functionality.

Recommended Mitigation Steps

Read the updatedAt parameter from the calls to latestRoundData() and verify that it isn't older than a set amount, e.g.:

-   (, int256 quoteAnswer,,,) = AggregatorV3Interface(_quotePriceFeed).latestRoundData();
+   (, int256 quoteAnswer,,uint256 updatedAt,) = AggregatorV3Interface(_quotePriceFeed).latestRoundData();

+   if (updatedAt < block.timestamp - VALID_TIME_PERIOD) {
+      revert("stale price feed");
+   }
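Review bot: the staleness check in this hunk computes `block.timestamp - VALID_TIME_PERIOD`, which under Solidity 0.8 checked arithmetic reverts outright if VALID_TIME_PERIOD ever exceeds block.timestamp; the conventional and safer form is `if (block.timestamp - updatedAt > VALID_TIME_PERIOD) revert("stale price feed");`. The hunk also leaves `quoteAnswer` itself unvalidated: a zero or negative answer passes through to the caller, so an `if (quoteAnswer <= 0) revert("invalid price");` belongs next to the staleness check. Finally, `VALID_TIME_PERIOD` is not defined anywhere in the hunk; since Chainlink heartbeats differ per feed, it should be a per-feed value derived from that feed's documented heartbeat rather than one global constant.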

Assessed type

Oracle
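One way the recommended check can be packaged, as an added example rather than code from the Predy repository or the issue author: a small library that wraps latestRoundData() with the staleness and sign checks, a consumer contract that stores a per-feed maximum age (Chainlink heartbeats differ per feed, so the tolerance must not be a single global constant), and a constructed mock aggregator so the revert paths can be exercised locally. The names SafeChainlink, PriceReader, MockAggregator, getPrice and maxAge are assumptions for this example; only AggregatorV3Interface and latestRoundData() come from the page.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example, not the Predy project's code. Minimal copy of the Chainlink
// AggregatorV3Interface surface used here.
interface AggregatorV3Interface {
    function decimals() external view returns (uint8);
    function latestRoundData()
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

// Hypothetical helper library: every read goes through getPrice(), which
// rejects unfinished rounds, non-positive answers and stale timestamps.
library SafeChainlink {
    error IncompleteRound();
    error InvalidAnswer(int256 answer);
    error StalePrice(uint256 updatedAt, uint256 maxAge);

    function getPrice(AggregatorV3Interface feed, uint256 maxAge) internal view returns (uint256 price) {
        (, int256 answer, , uint256 updatedAt, ) = feed.latestRoundData();

        // updatedAt == 0 means the round has not been answered yet.
        if (updatedAt == 0) revert IncompleteRound();
        // A zero or negative answer is never a usable price.
        if (answer <= 0) revert InvalidAnswer(answer);
        // Subtract updatedAt from block.timestamp (not maxAge from block.timestamp)
        // so a large maxAge cannot underflow; a future updatedAt reverts, which is
        // the conservative outcome for a malformed feed.
        if (block.timestamp - updatedAt > maxAge) revert StalePrice(updatedAt, maxAge);

        price = uint256(answer);
    }
}

// Hypothetical consumer: the maximum age is set per feed from that feed's
// documented heartbeat plus a small grace period, chosen at deployment.
contract PriceReader {
    using SafeChainlink for AggregatorV3Interface;

    AggregatorV3Interface public immutable quoteFeed;
    uint256 public immutable quoteMaxAge;

    constructor(address feed, uint256 maxAge) {
        quoteFeed = AggregatorV3Interface(feed);
        quoteMaxAge = maxAge;
    }

    function quotePrice() external view returns (uint256) {
        return quoteFeed.getPrice(quoteMaxAge);
    }
}

// Constructed mock for local testing only: lets a test set the answer and
// timestamp to drive each revert path in SafeChainlink.getPrice().
contract MockAggregator is AggregatorV3Interface {
    int256 private _answer;
    uint256 private _updatedAt;

    function set(int256 answer, uint256 updatedAt) external {
        _answer = answer;
        _updatedAt = updatedAt;
    }

    function decimals() external pure override returns (uint8) {
        return 8;
    }

    function latestRoundData()
        external
        view
        override
        returns (uint80, int256, uint256, uint256, uint80)
    {
        return (1, _answer, _updatedAt, _updatedAt, 1);
    }
}
```

To exercise it in a Foundry or Hardhat test, deploy MockAggregator, call set(2000e8, block.timestamp) and confirm quotePrice() returns 2000e8; then call set(2000e8, block.timestamp - quoteMaxAge - 1) and expect StalePrice, and set(0, block.timestamp) and expect InvalidAnswer. The same wrapper should be applied to every feed the contract reads, not just the quote feed, since a stale value on either side of a pair corrupts the derived price.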