search

sherlock-audit / 2024-06-leveraged-vaults-judging

9 stars 8 forks source link

bareli - stale price may happen in "_calculateBaseToQuote" #120

Closed sherlock-admin3 closed 2 months ago

sherlock-admin3 commented 2 months ago

bareli

Medium

stale price may happen in "_calculateBaseToQuote"

Summary

There is no check for baseToUSD whether it is zero or not. There is no check for stale price in baseToUSDOracle.latestRoundData();

Vulnerability Detail

function _calculateBaseToQuote() internal view returns ( uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound ) { _checkSequencer();

    int256 baseToUSD;
    (
        roundId,
        baseToUSD,
        startedAt,
        updatedAt,
        answeredInRound

@>> ) = baseToUSDOracle.latestRoundData(); @>> require(baseToUSD > 0, "Chainlink Rate Error"); // Overflow and div by zero not possible if (invertBase) baseToUSD = (baseToUSDDecimals * baseToUSDDecimals) / baseToUSD;

Impact

stale price can be possible.

Code Snippet

https://github.com/sherlock-audit/2024-06-leveraged-vault/blob/main/leveraged-vaults-private/contracts/oracles/PendlePTOracle.sol#L109

Tool used

Manual Review

Recommendation

@>> require(baseToUSD >= 0, "Chainlink Rate Error"); int256 baseToUSD; ( roundId, baseToUSD, startedAt, updatedAt, answeredInRound @>> ) = baseToUSDOracle.latestRoundData(); @>> require(baseToUSD > 0, "Chainlink Rate Error"); @>> require( updatedAt, >= block.timestamp - HEARTBEAT_TIME);

sherlock-admin4 commented 2 months ago

1 comment(s) were left on this issue during the judging contest.

0xmystery commented:

Protocol validate chainlink oracle staleness inside the trading module with their own staleness setting across all vaults