sherlock-admin
commented
1 year ago 4 comment(s) were left on this issue during the judging contest.
141345 commented:
d
n33k commented:
no description and impact
darkart commented:
Badly written report
panprog commented:
the issue is high but the demonstrated impact is low or medium
mert_eren
high
Wrong implamatation of pythOracle request for using time.
Summary
PythOracleFactory use granularity for use price updates and push price according with that(for example if granularity is 15 minute than Oracle record price as 15 min parsels. However in PythOracle.request record it with block.timestamp instead of pythOracleFactory.current(). Because of that protocol will have unconsistencies because marketUpdate orders with PythOracleCurrent and there will be too much data collected in PythOracle.versionList array which is not intended.
Vulnerability Detail
Impact
Code Snippet
https://github.com/sherlock-audit/2023-07-perennial/blob/main/perennial-v2/packages/perennial-oracle/contracts/pyth/PythOracle.sol#L77-L81
Tool used
Manual Review
Recommendation