Decentralized Oracle Usage: For better security, integrating a decentralized oracle for price feeds could provide more reliable and manipulation-resistant pricing.
Vulnerability Detail
Price Manipulation: The contract acknowledges that Uniswap V2 pool reserves can be manipulated (e.g., via flash loans), which can affect the spot price. It recommends using price feeds as a more reliable source of price data.
bareli
medium
Decentralized Oracle Usage:
Summary
Decentralized Oracle Usage: For better security, integrating a decentralized oracle for price feeds could provide more reliable and manipulation-resistant pricing.
Vulnerability Detail
Price Manipulation: The contract acknowledges that Uniswap V2 pool reserves can be manipulated (e.g., via flash loans), which can affect the spot price. It recommends using price feeds as a more reliable source of price data.
Impact
Code Snippet
https://github.com/sherlock-audit/2023-11-olympus/blob/main/bophades/src/modules/PRICE/submodules/feeds/UniswapV2PoolTokenPrice.sol#L306
Tool used
Manual Review
Recommendation
For better security, integrating a decentralized oracle for price feeds could provide more reliable and manipulation-resistant pricing.
Duplicate of #123