Submission Details
Severity: medium
Valid

Tokens with heartbeat > 3 hours in Chainlink oracle will cause the protocol to stop functioning properly.

Summary

Tokens with heartbeat > 3 hours in Chainlink oracle will cause the protocol to stop functioning properly.

Vulnerability Details

  • The staleness duration is currently hard-coded as 3 hours. However, different tokens (on different chains) may have different heartbeats.

For reference, the ETH/USD price feed on Arbitrum has a heartbeat of 1 day (see https://docs.chain.link/data-feeds/price-feeds/addresses?network=arbitrum).

Impact

  • For price feeds with a heartbeat longer than 3 hours, getUSDPrice may revert due to the staleness check, in the case the token price is volatile.

  • Since the core functionality of the protocol relies on a health check when minting and burning the stablecoin, it always depends on the collateral prices, so those transactions will revert.

  • This means that during this time, users will not be able to interact with or adjust their positions, which can end up causing liquidations or even bad debt for the protocol. Taking a heartbeat of 1 day as an example, the downtime would be 21 hours out of a 24-hour timespan, so the protocol would be pretty much offline for 21/24 = 87.5% of the time.

Tools Used

Manual Review

Recommendations

  • Don't make the timeout a constant; make it adjustable for each token you support. It should be some kind of mapping from token address to a configurable number instead.
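
One way to implement this recommendation, shown as an added sketch that is not the audited protocol's code. The contract name, `setFeed`, `feedConfigs`, the custom errors and the single-owner access control are assumptions made for illustration; only `getUSDPrice` is a name from the finding, and the interface is a trimmed copy of Chainlink's `AggregatorV3Interface`.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Trimmed copy of Chainlink's AggregatorV3Interface (only the call used here).
interface AggregatorV3Interface {
    function latestRoundData() external view returns (
        uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound
    );
}

// Hypothetical oracle wrapper: every name except getUSDPrice is an assumption.
contract PerTokenStalenessOracle {
    struct FeedConfig {
        AggregatorV3Interface feed;
        uint32 maxStaleness; // seconds; set from the feed's published heartbeat plus a margin
    }

    address public immutable owner;
    mapping(address => FeedConfig) public feedConfigs; // token => feed and its timeout

    error NotOwner();
    error InvalidConfig();
    error FeedNotSet(address token);
    error InvalidPrice(address token, int256 answer);
    error StalePrice(address token, uint256 updatedAt, uint256 maxStaleness);

    constructor() {
        owner = msg.sender;
    }

    // Registers or updates a token's feed together with its own staleness window.
    function setFeed(address token, AggregatorV3Interface feed, uint32 maxStaleness) external {
        if (msg.sender != owner) revert NotOwner();
        if (address(feed) == address(0) || maxStaleness == 0) revert InvalidConfig();
        feedConfigs[token] = FeedConfig(feed, maxStaleness);
    }

    // Returns the feed answer in the feed's native decimals.
    function getUSDPrice(address token) external view returns (uint256) {
        FeedConfig memory cfg = feedConfigs[token];
        if (address(cfg.feed) == address(0)) revert FeedNotSet(token);
        (, int256 answer, , uint256 updatedAt, ) = cfg.feed.latestRoundData();
        if (answer <= 0) revert InvalidPrice(token, answer);
        // Per-token window replaces the global 3-hour constant.
        if (block.timestamp - updatedAt > cfg.maxStaleness) {
            revert StalePrice(token, updatedAt, cfg.maxStaleness);
        }
        return uint256(answer);
    }
}
```

Rejecting a zero `maxStaleness` and an unset feed keeps a misconfigured token from silently passing or permanently failing the staleness check.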
