15,000 USDC
View results
Submission Details
Severity: medium

No check if the `min price`/`max price` is hit when calling the chainlink oracle

Summary

If the min price/max price valid liquidations will not be possible and users will be able to mint more DSC than they should be able to

Vulnerability Details

Chainlink aggregators have a built in circuit breaker if the price of an asset goes outside of a predetermined price band. The result is that if an asset experiences a huge drop in value (i.e. LUNA crash) the price of the oracle will continue to return the minPrice instead of the actual price of the asset. This would allow user to continue minting against the asset but at the wrong price and would prevent valid liquidations.

Impact

In the event that an asset crashes (i.e. LUNA), valid liquidations will be prevented and users will be able to mint against the asset using an inflated price

Tools Used

Manual review

Recommendations

ChainlinkAdapterOracle should check the returned answer against the minPrice/maxPrice and revert if the answer is outside of the bounds. The minPrice/maxPrice can be saved in a struct with the priceFeed of the token an passed as an argument when calling staleCheckLatestRoundData

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.