sherlock-admin2
commented
3 weeks ago 1 comment(s) were left on this issue during the judging contest.
z3s commented:
Low/Info
Closed sherlock-admin2 closed 3 weeks ago
sherlock-admin2
commented
3 weeks ago 1 comment(s) were left on this issue during the judging contest.
z3s commented:
Low/Info
tvdung94
Medium
The smart contracts will not work on all EVM - compatible networks
Summary
In the README.md, the sponsor states that this system should work on any evm-compatible chain.
The problem is that it may be impossible to achieve this, for trusted oracle (chainlink/redstones) do not support all l2 evm-compatible chain.
Vulnerability Detail
There are some l2 chains that is not supported by neither chainlink nor redstone. For example: FileCoin, PulseChain, etc ... Redstone doc also states that you might need some custom development to get redstone oracle runs on unfamiliar chains. Source: https://docs.redstone.finance/docs/get-started/supported-chains#:~:text=Potentially%20you%20can%20use%20it%20on%20any%20other%20chain%2C%20but%20it%20would%20require%20some%20custom%20development.%20You%20can%20write%20your%20own%20implementation%20for%20the%20blockchain%20of%20your%20choice.%20Feel%20free%20to%20contact%20us%20on%20discord%20for%20details.
Impact
On some certain networks, the system won't work at all, since there is no chainlink / redstone oracle. Although protocol has fixed price oracle, it should be only used by some very particular assets.
Code Snippet
https://github.com/sherlock-audit/2024-08-sentiment-v2/blob/main/protocol-v2/src/oracle/RedstoneOracle.sol#L48-L61 https://github.com/sherlock-audit/2024-08-sentiment-v2/blob/main/protocol-v2/src/oracle/ChainlinkUsdOracle.sol#L116
Tool used
Manual Review
Recommendation
If the protocol is planning to deploy on any evm-compatible chain, they should contact redstone team to learn more about getting redstone oracle to run on any chain