Oighty
commented
1 year ago Owners have the ability to close markets they have active on any Auctioneer. If an oracle removes support for a token pair, then the currentPrice() function will fail. Specifically, it will execute the path _getOneFeedPrice and then _validateAndGetPrice, which will revert when validating the empty data returned from the call to the zero address.
However, this is mostly by coincidence. I think the best approach is having currentPrice() revert if the priceFeedParams for the pair are bytes(0) since this will be the case immediately after the pair is no longer supported and provides clearer behavior.
xiaoming9090
hrishibhat
usmannk
medium
Removing support for a currency pair from the oracle leaves markets in an invalid state
Summary
When a new market is registered in the Bond Oracle, it is checked that that market's currencies are supported by the oracle. If not, then the transaction reverts.
However, when a currency pair is later set to be unsupported due to an issue, markets with that pair are not unregistered. This breaks the invariant that all registered markets use supported currencies.
In fact, there is actually no way for an owner to unregister a market at all.
Vulnerability Detail
Market operations on registered markets with unsupported tokens will attempts calls to
address(0), causing unexpected results for oracle operationshttps://github.com/sherlock-audit/2023-02-bond/blob/main/bonds/src/BondChainlinkOracle.sol#L129-L148
Impact
Unexpected state for markets, potentially causing unexplained DoS.
Code Snippet
Tool used
Manual Review
Recommendation
Provide a mechanism for unregistering a market from the oracle. In addition, add auto-unregistering for markets using newly unsupported currency pairs.