search

code-423n4 / 2024-06-renzo-mitigation-findings

0 stars 0 forks source link

M-12 MitigationConfirmed #47

Open c4-bot-3 opened 3 months ago

c4-bot-3 commented 3 months ago

Lines of code

Vulnerability details

Original Issue Summary

In the original issue, getRate() does not check for outdated exchange rates, which can result to incorrect calculations.

Mitigation

The mitigation proposes a staleness-check:

-        (uint256 _lastPrice, ) = getMintRate();
+        (uint256 _lastPrice, uint256 _lastPriceTimestamp) = getMintRate();
+        if (block.timestamp > _lastPriceTimestamp + 1 days) {
+            revert OraclePriceExpired();
+        }

Comments

This mitigation succesfully mitigates the original issue. The usage of _lastPriceTimestamp and checking if block.timestamp is more than _lastPriceTimestamp + 1 days will ensure that the price can not be stale.

Suggestion

n/a

Conclusion

LGTM

c4-judge commented 3 months ago

alcueca marked the issue as satisfactory