PriceOracle#getPriceFromChainlink fails to check Arbitrum/Optimism Sequencer uptime
Summary
Chainlink oracles should never be used on L2 such as Arbitrum or Optimism without validating the sequencer uptime. In the event that the sequencer goes down real asset price will continue to change, leading to a host of problems. Full information and rational as to why this should be implemented can be found directly from Chainlink here.
Vulnerability Detail
See summary
Impact
Large scale unfair liquidations in the event that the sequencer goes down
0x52
medium
PriceOracle#getPriceFromChainlink fails to check Arbitrum/Optimism Sequencer uptime
Summary
Chainlink oracles should never be used on L2 such as Arbitrum or Optimism without validating the sequencer uptime. In the event that the sequencer goes down real asset price will continue to change, leading to a host of problems. Full information and rational as to why this should be implemented can be found directly from Chainlink here.
Vulnerability Detail
See summary
Impact
Large scale unfair liquidations in the event that the sequencer goes down
Code Snippet
PriceOracle.sol#L66-L72
Tool used
Manual Review
Recommendation
Implement a check and grace period as recommend by Chainlink when consuming L2 oracle data
Duplicate of #440