ChainLink's latestRoundData might return stale or incorrect results
Summary
In GLPOracle we are using a call to latestRoundData, however there are not sufficient checks in place to prevent stale data from being used.
Vulnerability Detail
In getEthPrice, roundId is not checked against answeredInRound. According to ChainLink documentation, this may result in stale prices, even though updatedAt is checked.
A stale price would potentially lead to assets being mispriced and risk profiles being miscalculated, preventing the protocol from working as intended.
Madalad
medium
ChainLink's
latestRoundData
might return stale or incorrect resultsSummary
In
GLPOracle
we are using a call tolatestRoundData
, however there are not sufficient checks in place to prevent stale data from being used.Vulnerability Detail
In
getEthPrice
,roundId
is not checked againstansweredInRound
. According to ChainLink documentation, this may result in stale prices, even thoughupdatedAt
is checked.https://docs.chain.link/docs/historical-price-data/#historical-rounds
Impact
A stale price would potentially lead to assets being mispriced and risk profiles being miscalculated, preventing the protocol from working as intended.
Code Snippet
https://github.com/sentimentxyz/oracle/blob/rage-jr/src/gmx/GLPOracle.sol#L47-L58
Tool used
Manual Review
Recommendation
Update
getEthPrice
to include an extra check for stale price:Duplicate of #31