search

sherlock-audit / 2023-12-arcadia-judging

19 stars 15 forks source link

kaysoft - Lack of sequencer Uptime check for L2 networks can cause unfair liquidations #184

Closed sherlock-admin closed 9 months ago

sherlock-admin commented 9 months ago

kaysoft

medium

Lack of sequencer Uptime check for L2 networks can cause unfair liquidations

Summary

The project is deployed to Base and will be deployed to Arbitrum, Optimism and other L2 in the future, however there is no sequencer activeness check for the Chainlink L2s price feed as recommended by the Chainlink Docs

Vulnerability Detail

Sequencer Uptime check for L2s is explained in details here: https://docs.chain.link/data-feeds/l2-sequencer-feeds#overview

Impact

Unfair Liquidations during sequencer downtime and imm

Code Snippet

https://github.com/sherlock-audit/2023-12-arcadia/blob/main/accounts-v2/src/oracle-modules/ChainlinkOM.sol#L113C5-L130C1

Tool used

https://docs.chain.link/data-feeds/l2-sequencer-feeds#handling-outages-on-optimism-base-and-metis

Recommendation

Implement the uptime sequencer check as recommended by Chainlink Docs. You can find an example code here: https://docs.chain.link/data-feeds/l2-sequencer-feeds#example-code

Duplicate of #105

sherlock-admin2 commented 9 months ago

1 comment(s) were left on this issue during the judging contest.

takarez commented:

invalid