search

sherlock-audit / 2023-05-perennial-judging

12 stars 9 forks source link

sashik_eth - Not checking if the L2 sequencer is down during the call to Chainlink feeds #200

Closed sherlock-admin closed 1 year ago

sherlock-admin commented 1 year ago

sashik_eth

medium

Not checking if the L2 sequencer is down during the call to Chainlink feeds

Summary

Not checking if the L2 sequencer is down during the call to Chainlink feeds

Vulnerability Detail

Protocol uses Chainlink priceFeeds to get the latest prices:

File: ChainlinkAggregator.sol
32:     function getLatestRound(ChainlinkAggregator self) internal view returns (ChainlinkRound memory) {
33:         (uint80 roundId, int256 answer, , uint256 updatedAt, ) =
34:             AggregatorProxyInterface(ChainlinkAggregator.unwrap(self)).latestRoundData(); 
35:         return ChainlinkRound({roundId: roundId, timestamp: updatedAt, answer: answer});
36:     }

When using priceFeeds on L2 it's important to check that sequencer is not down currently, otherwise oracle could return data that would be outdated. However, provided code doesn't check the sequencer state.

Impact

Outdated prices could potentially lead to wrong calculations and DOS inside the protocol.

Code Snippet

https://github.com/sherlock-audit/2023-05-perennial/blob/main/perennial-mono/packages/perennial-oracle/contracts/types/ChainlinkAggregator.sol#L32

Tool used

Manual Review

Recommendation

Consider updating code for L2 instances that check if the sequencer is up, due to Chainlink docs: https://docs.chain.link/data-feeds/l2-sequencer-feeds

Duplicate of #13