Oracle doesn't check if Arbitrum sequencer is offline.
Summary
In the event of a prolonged downtime of the Arbitrum sequencer, the prices provided by the oracle will become outdated. Since there is no mechanism in place to check the uptime of the sequencer, when the network comes back online users may face adverse effects if their positions are closed or opened based on obsolete prices. In the worst-case scenario, users may even experience liquidation. Additionally, malicious users can exploit this situation to gain unfair advantages by obtaining settlements at outdated prices.
Vulnerability Detail
According to the documentation, Perrenial has already been deployed to Arbitrum and is therefore susceptible to the sequencer experiencing extended periods of offline status. This situation has two main consequences.
Firstly, if the sequencer remains unavailable for a long time, the oracles will have outdated prices because transactions submitted to L2 oracle by the aggregating oracles will not be processed. Malicious users can take advantage of this by submiting their L2 message via L1 through the sendUnsignedTransaction/forceInclusion mechanism and get favourable settlements on those stale prices. Secondly when the sequencer eventually comes back online, new L2 transactions will be subject to stale prices since the oracles could not be updated while the sequencer was offline. As a result, users may experience unfavorable settlements or even liquidations shortly after the sequencer goes online again.
Impact
The price oracle will be inaccurate since the new prices won't be reported to the chain due to the sequencer downtime. Shortly after the sequencer goes online again settlements will occur on outdated prices, affecting users' settlements and making possible for malicious users to exploit the stale prices into favourable settlements.
Chainlink recommends that users using price oracles on Arbitrum, check whether the Arbitrum sequencer is down using their Sequencer uptime feed, so that when the sequencer comes back up after an outage, wait for some grace period to pass before resuming protocol functionality.
Tricko
medium
Oracle doesn't check if Arbitrum sequencer is offline.
Summary
In the event of a prolonged downtime of the Arbitrum sequencer, the prices provided by the oracle will become outdated. Since there is no mechanism in place to check the uptime of the sequencer, when the network comes back online users may face adverse effects if their positions are closed or opened based on obsolete prices. In the worst-case scenario, users may even experience liquidation. Additionally, malicious users can exploit this situation to gain unfair advantages by obtaining settlements at outdated prices.
Vulnerability Detail
According to the documentation, Perrenial has already been deployed to Arbitrum and is therefore susceptible to the sequencer experiencing extended periods of offline status. This situation has two main consequences.
Firstly, if the sequencer remains unavailable for a long time, the oracles will have outdated prices because transactions submitted to L2 oracle by the aggregating oracles will not be processed. Malicious users can take advantage of this by submiting their L2 message via L1 through the
sendUnsignedTransaction/forceInclusionmechanism and get favourable settlements on those stale prices. Secondly when the sequencer eventually comes back online, new L2 transactions will be subject to stale prices since the oracles could not be updated while the sequencer was offline. As a result, users may experience unfavorable settlements or even liquidations shortly after the sequencer goes online again.Impact
The price oracle will be inaccurate since the new prices won't be reported to the chain due to the sequencer downtime. Shortly after the sequencer goes online again settlements will occur on outdated prices, affecting users' settlements and making possible for malicious users to exploit the stale prices into favourable settlements.
Code Snippet
https://github.com/sherlock-audit/2023-05-perennial/blob/main/perennial-mono/packages/perennial-oracle/contracts/ChainlinkFeedOracle.sol#L92-L167
https://github.com/sherlock-audit/2023-05-perennial/blob/main/perennial-mono/packages/perennial-oracle/contracts/ChainlinkOracle.sol#L59-L87
Tool used
Manual Review
Recommendation
Chainlink recommends that users using price oracles on Arbitrum, check whether the Arbitrum sequencer is down using their Sequencer uptime feed, so that when the sequencer comes back up after an outage, wait for some grace period to pass before resuming protocol functionality.
Duplicate of #13