Submission Details
Severity: medium
Valid

Price oracle could get a wrong price

Summary

The staleCheckLatestRoundData function returns the oracle price but never checks whether the returned price is 0. It also accepts a staleness window of 3 hours, which is too long and should be lowered.

Vulnerability Details

Oracles can malfunction from time to time and return a value of 0, so the returned answer should be checked for 0.
The function, however, contains no such check.

src/libraries/OracleLib.sol:

uint256 private constant TIMEOUT = 3 hours; // 3 * 60 * 60 = 10800 seconds

function staleCheckLatestRoundData(AggregatorV3Interface priceFeed)
    public
    view
    returns (uint80, int256, uint256, uint256, uint80)
{
    (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound) =
        priceFeed.latestRoundData();

    uint256 secondsSince = block.timestamp - updatedAt;
    if (secondsSince > TIMEOUT) revert OracleLib__StalePrice();

    return (roundId, answer, startedAt, updatedAt, answeredInRound);
}

Impact

The price oracle could return a stale price, because roundId is never compared against answeredInRound.

Tools Used

Manual Code Review

Recommendations

During the LUNA event, even though the oracle price had stopped updating, users suffered losses on platforms that kept using that price for hours. A 3 hour window is therefore far too long, and it is recommended to reduce it to a reasonable time.

Check answer, updatedAt and roundId when getting the price:

uint256 private constant TIMEOUT = 10 minutes;

// latestRoundData() returns five values; startedAt must be destructured as well
(uint80 roundId, int256 rate, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound) =
    priceFeed.latestRoundData();
require(updatedAt > 0, "Round is not complete");
require(block.timestamp - updatedAt <= TIMEOUT, "Stale price");
require(rate > 0, "Malfunction"); // reject a 0 (or negative) answer
require(answeredInRound >= roundId, "Stale price");
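The checks above folded back into the page's own staleCheckLatestRoundData, as an added example written for this report (not the project's code). The Chainlink import path, the 10 minute TIMEOUT and the extra error names are assumptions; the timeout should be tuned to the heartbeat of the feed actually used.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

// Assumed import path; adjust to the project's installed Chainlink package.
import {AggregatorV3Interface} from "@chainlink/contracts/src/v0.8/interfaces/AggregatorV3Interface.sol";

/// Hardened variant of OracleLib.staleCheckLatestRoundData (example, not project code).
library OracleLibHardened {
    error OracleLib__StalePrice();
    error OracleLib__IncompleteRound();
    error OracleLib__InvalidAnswer();

    // Assumed value: pick a window slightly above the feed's heartbeat interval.
    uint256 private constant TIMEOUT = 10 minutes;

    function staleCheckLatestRoundData(AggregatorV3Interface priceFeed)
        public
        view
        returns (uint80, int256, uint256, uint256, uint80)
    {
        (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound) =
            priceFeed.latestRoundData();

        // A round that has not completed reports updatedAt == 0.
        if (updatedAt == 0) revert OracleLib__IncompleteRound();

        // Reject a timestamp in the future (avoids underflow) and anything older than TIMEOUT.
        if (updatedAt > block.timestamp || block.timestamp - updatedAt > TIMEOUT) {
            revert OracleLib__StalePrice();
        }

        // A zero or negative answer means the feed is malfunctioning.
        if (answer <= 0) revert OracleLib__InvalidAnswer();

        // The answer must belong to the current round, not be carried over from an older one.
        if (answeredInRound < roundId) revert OracleLib__StalePrice();

        return (roundId, answer, startedAt, updatedAt, answeredInRound);
    }
}
```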
