Chainlink oracles store answers as int256, allowing for negative values. In the DSCEngine, however, answer is explicitly cast to uint256 and is then used to calculate the value of collateral. For example, in getUsdValue():
Explicit casts in Solidity are unsafe by design and this one in particular will underflow:
uint256(int256(-1)) will evaluate to 2^256 - 1
uint256(int256(-10e8)) will evaluate to 2^256 - 10e8
Therefore negative prices will be treated as exceedingly large prices (77 orders of magnitude), allowing for essentially unlimited minting power.
Read more: https://degensec.hashnode.dev/everything-you-need-to-know-about-integrating-chainlink#heading-fundamentals-first
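The cast described above, next to a guarded version, as an added example that is not DSCEngine code. The interface mirrors Chainlink's AggregatorV3Interface; PriceReader, MockFeed and NonPositivePrice are hypothetical names chosen for this illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Same shape as Chainlink's AggregatorV3Interface (only the call used here).
interface AggregatorV3Interface {
    function latestRoundData()
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

// Constructed mock feed (hypothetical) so both paths can be exercised in a local test.
contract MockFeed is AggregatorV3Interface {
    int256 public answer_;

    constructor(int256 initialAnswer) {
        answer_ = initialAnswer;
    }

    function setAnswer(int256 newAnswer) external {
        answer_ = newAnswer;
    }

    function latestRoundData() external view returns (uint80, int256, uint256, uint256, uint80) {
        return (1, answer_, block.timestamp, block.timestamp, 1);
    }
}

// Hypothetical reader contrasting the unchecked cast with a validated one.
contract PriceReader {
    error NonPositivePrice(int256 answer);

    // Unchecked explicit conversion: an answer of -1 comes back as 2^256 - 1.
    function unsafePrice(AggregatorV3Interface feed) external view returns (uint256) {
        (, int256 answer,,,) = feed.latestRoundData();
        return uint256(answer);
    }

    // Guarded conversion: zero and negative answers revert before the cast.
    function safePrice(AggregatorV3Interface feed) external view returns (uint256) {
        (, int256 answer,,,) = feed.latestRoundData();
        if (answer <= 0) revert NonPositivePrice(answer);
        return uint256(answer);
    }
}
```

Deploying MockFeed with -1 and calling both functions shows unsafePrice returning type(uint256).max while safePrice reverts with NonPositivePrice(-1).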
Medium.
Severity is critical, but the likelihood is very low.
Manual Review.