getRoundData() Oracle data feed is insufficiently validated
Summary
Oracle data feed is insufficiently validated
Found by: @Tomosuke0930
Vulnerability Detail
Important
A read can revert if the caller is requesting the details of a round that was invalid or has not yet been answered. If you are deriving a round ID without having observed it before, the round might not be complete. To check the round, validate that the timestamp on that round is not 0.
neila
medium
getRoundData()
Oracle data feed is insufficiently validatedSummary
Oracle data feed is insufficiently validated Found by: @Tomosuke0930
Vulnerability Detail
Ref: https://docs.chain.link/docs/data-feeds/price-feeds/historical-data/#:~:text=getRoundData
If you call
getRoundData()
, you must check the timestamp is not 0Impact
The round may not complete
Code Snippet
https://github.com/unchain-dev/2022-11-float-capital-UNCHAIN/blob/e167ac24613e02748aad72c1d216283225733355/contracts/keepers/OracleManagerUtils.sol#L60
Tool used
Manual Review
Recommendation
Add checking like this