Tokens with heartbeat > 3 hours in Chainlink oracle will cause the protocol to stop functioning properly.
Summary
Tokens with heartbeat > 3 hours in Chainlink oracle will cause the protocol to stop functioning properly.
Vulnerability Details
The staleness duration is currently hard-coded as 3 hours. However, different tokens (on different chains) may have different heartbeat.
For reference, ETH/USD price feed on Arbitrum has a heartbeat of 1 day (see https://docs.chain.link/data-feeds/price-feeds/addresses?network=arbitrum ).
Impact
For these price feeds with longer heartbeat duration, the
getUSDPricemay revert due to staleness check, in the case the token price is volatile.Since the core functionality of the protocol relies on health check upon minting and burning the stablecoin, it'll always rely on the price of the collaterals, which will cause the tx to revert.
This means that during this time, users will not be able to interact or adjust the position --> which can end up causing liquidations or even bad debts to the protocol during this time. Take a heartbeat of 1 day, for example, the downtime would be 21 hours out of 24 hours timespan --> protocol would be pretty much offline for 21/24 = 87.5% of the time.
Tools Used
Manual Review
Recommendations
Don't make the timeout a constant and make it adjustable for each token you're supporting. So, it should be some kind of mapping from token address to a configurable number instead.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.