Summary

There is no WBTC/USD chainlink oracle, only a BTC/USD chainlink oracle. Since WBTC is a bridged asset from the BTC chain, in case the bridge is compromised/fails WBTC will depags from the value of BTC. Users then can deposit effectively worthless WBTC but mint DSC worth half of the BTC price returned by the BTC/USD oracle. This would lead to DCS no longer being sufficiently collateralised and therefore to the insolvency of the protocol.

Vulnerability Details

See summary.

Impact

Project will become insolvent if WBTC depegs from BTC

Tools Used

Recommendations

Implement a double oracle setup. Use both the Chainlink and another on-chain liquidity base oracle (i.e. UniV3 TWAP). If the price of the on-chain liquidity oracle drops below a certain threshold of the Chainlink oracles (i.e. 2% lower), deposits of WBTC should not be possible anymore. Price manipulations will be prevented by the chainlink oracle and the liquidity oracle will safeguard against the asset depegging.