Oracle data feed is insufficiently validated. There is no check for stale price and round completeness.
Price can be stale and can lead to wrong price return value.
Impact
Price can be stale and can lead to wrong price return value.
Code Snippet
Function _latestAnswer64x64() calls latestRoundData() to get the basePrice and underlyingPrice
minhquanym
medium
Oracle data feed is insufficiently validated.
Summary
Oracle data feed is insufficiently validated. https://github.com/sherlock-audit/2022-09-knox/blob/main/knox-contracts/contracts/pricer/PricerInternal.sol#L49-L55
Vulnerability Detail
Oracle data feed is insufficiently validated. There is no check for stale price and round completeness. Price can be stale and can lead to wrong
price
return value.Impact
Price can be stale and can lead to wrong
price
return value.Code Snippet
Function
_latestAnswer64x64()
callslatestRoundData()
to get thebasePrice
andunderlyingPrice
Tool used
Manual Review
Recommendation
Consider adding validation for data feed
Duplicate of #137