OracleLib does not handle the minimum and maximum prices configured for the different oracles. There is a non-zero probability that an oracle will report one of its price limits instead of the real-world price. If this is not handled, the worst case is the accumulation of a large amount of bad debt for users of DSC.
When a Chainlink oracle is set up, it is configured with a minimum and a maximum price. If the real-world price of the asset moves outside this band, the configured minimum or maximum price is reported instead of the real price. This is the same vulnerability that left Venus Protocol with 11m of bad debt when Luna crashed: the oracle was reporting a price 10x higher than the real market price.
If the oracle reports a price higher than the real price of a collateral, a user is able to mint more DSC than should be allowed, leaving the protocol with a large amount of bad debt.
Manual Review
When specifying which collaterals are allowed at deployment of the DSCEngine, specify the minimum and maximum price for each as well, and automatically disable the use of that collateral if the oracle price comes within a certain threshold of the min / max price.
Alternatively, consider using a fallback oracle when the price boundaries are hit.
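One way to implement the first recommendation, as an added example that is not part of the original finding or the DSC codebase: a library that takes the deployer-supplied bounds alongside the price feed, performs the usual staleness check, and reverts whenever the reported answer sits within a threshold of either bound, so the DSCEngine cannot value collateral at a clamped price. The library name, the `Bounds` struct, the `TIMEOUT` and `THRESHOLD_BPS` constants and the error names are all assumptions for this example; only `AggregatorV3Interface.latestRoundData()` is Chainlink's actual interface.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added example, not part of the original finding or the DSC codebase.
// Only latestRoundData() is Chainlink's real interface; everything else
// (library name, Bounds struct, constants, error names) is assumed here.
interface AggregatorV3Interface {
    function latestRoundData()
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

library BoundedOracleLib {
    error OracleLib__StalePrice();
    error OracleLib__NonPositivePrice(int256 answer);
    error OracleLib__PriceAtCircuitBreakerBound(int256 answer, int256 minAnswer, int256 maxAnswer);

    // Hypothetical staleness window; the DSC deployer would pick the real value per feed.
    uint256 private constant TIMEOUT = 3 hours;
    // Hypothetical margin: treat an answer within 5% of either bound as untrustworthy.
    uint256 private constant THRESHOLD_BPS = 500;
    uint256 private constant BPS_DENOMINATOR = 10_000;

    // Min/max answer the aggregator can report, supplied when the collateral is allowed.
    struct Bounds {
        int256 minAnswer;
        int256 maxAnswer;
    }

    /// Returns the latest round data, reverting if it is stale, non-positive, or
    /// close enough to the configured min/max that it may be a clamped value.
    function checkedLatestRoundData(AggregatorV3Interface priceFeed, Bounds memory bounds)
        internal
        view
        returns (uint80, int256, uint256, uint256, uint80)
    {
        (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound) =
            priceFeed.latestRoundData();

        if (block.timestamp - updatedAt > TIMEOUT) revert OracleLib__StalePrice();
        if (answer <= 0) revert OracleLib__NonPositivePrice(answer);

        // Chainlink aggregators clamp the answer at their configured min/max instead of
        // reporting the real price, so an answer at or near a bound tells us nothing
        // about the market. Disable the collateral (by reverting) in that case.
        int256 lowerCutoff = bounds.minAnswer + (bounds.minAnswer * int256(THRESHOLD_BPS)) / int256(BPS_DENOMINATOR);
        int256 upperCutoff = bounds.maxAnswer - (bounds.maxAnswer * int256(THRESHOLD_BPS)) / int256(BPS_DENOMINATOR);
        if (answer <= lowerCutoff || answer >= upperCutoff) {
            revert OracleLib__PriceAtCircuitBreakerBound(answer, bounds.minAnswer, bounds.maxAnswer);
        }

        return (roundId, answer, startedAt, updatedAt, answeredInRound);
    }
}
```

The DSCEngine would store a `Bounds` entry per allowed collateral at deployment and call `checkedLatestRoundData` wherever it currently reads the feed, so minting and health-factor checks fail closed while the feed is pinned at a limit. Chainlink's underlying aggregator contracts also expose `minAnswer()` and `maxAnswer()` on-chain, which could be read instead of hard-coding the bounds, but that requires resolving the aggregator behind the proxy and not every feed version exposes them, which is why the deployer-supplied values are used here. For the second recommendation, the revert branch is also the natural place to fall through to a secondary oracle rather than reverting outright.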