Closed sherlock-admin closed 1 year ago
PawelK
medium
No check for oracle staleness
In getLatestPrice there is no check that the price is not stale. The price could be very old, and result in not favorable deal.
User fund loss due to stale price feed
function getLatestPrice(address asset) public view returns (uint256) { require(block.timstamp - prices[asset].timestamp >= STALENESS_THRESHOLD, "stale price"); return prices[asset].price; }
Manual Review
Implement check for price staleness (1 day for example)
Duplicate of #150
PawelK
medium
No check for oracle staleness
Summary
No check for oracle staleness
Vulnerability Detail
In getLatestPrice there is no check that the price is not stale. The price could be very old, and result in not favorable deal.
Impact
User fund loss due to stale price feed
Code Snippet
Tool used
Manual Review
Recommendation
Implement check for price staleness (1 day for example)
Duplicate of #150