The Standard

DeFiHardhat
20,000 USDC
Severity: medium
Invalid

distributeAssets() Could Get a Stale Price From Chainlink

Summary

The known issues specify that the 'Function is also dependent on Chainlink EUR / USD providing a price greater than 0'; however, verifying only that price > 0 is not enough to guarantee that the returned price is not stale.

Vulnerability Details

In distributeAssets() there is no freshness check, which could lead to stale prices being used. This may result in incorrect calculations of costInEuros during a sharp decrease (flash crash) or a sharp increase in price, as the Chainlink oracle may not be updated in a timely manner.

https://github.com/Cyfrin/2023-12-the-standard/blob/91132936cb09ef9bf82f38ab1106346e2ad60f91/contracts/LiquidationPool.sol#L222-L240

Impact

The use of a stale price would result in an incorrect calculation of costInEuros, leading to inaccurate values for the _portion and burnEuros variables. This would result in a faulty distribution of assets and the burning of an incorrect amount of EUROs.

Tools Used

Manual review

Recommendations

Check answer, updatedAt and roundId when getting a price.
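One way to implement the recommended checks on `answer`, `updatedAt` and `roundId`, as an added example that is not part of the submission or of The Standard's code. The `FreshPrice` library, its error names and the `maxAge` parameter are hypothetical; `maxAge` is assumed to be chosen per feed from its published heartbeat.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Subset of Chainlink's AggregatorV3Interface needed for the check.
interface AggregatorV3Interface {
    function latestRoundData()
        external
        view
        returns (
            uint80 roundId,
            int256 answer,
            uint256 startedAt,
            uint256 updatedAt,
            uint80 answeredInRound
        );
}

// Hypothetical helper (illustration only, not the project's code).
library FreshPrice {
    error InvalidAnswer(int256 answer);
    error IncompleteRound(uint80 roundId, uint256 updatedAt);
    error StalePrice(uint256 updatedAt, uint256 maxAge);

    /// @param feed   Chainlink aggregator, e.g. the EUR / USD feed.
    /// @param maxAge Assumed upper bound, in seconds, on the age of an
    ///               acceptable answer (feed heartbeat plus a margin).
    function read(AggregatorV3Interface feed, uint256 maxAge)
        internal
        view
        returns (uint256)
    {
        (uint80 roundId, int256 answer, , uint256 updatedAt, ) =
            feed.latestRoundData();

        // The check the known issue already covers: price must be positive.
        if (answer <= 0) revert InvalidAnswer(answer);

        // Sanity check: reject a round with no id or no update timestamp.
        if (roundId == 0 || updatedAt == 0)
            revert IncompleteRound(roundId, updatedAt);

        // Freshness: reject a timestamp in the future or older than maxAge.
        if (updatedAt > block.timestamp || block.timestamp - updatedAt > maxAge)
            revert StalePrice(updatedAt, maxAge);

        return uint256(answer);
    }
}
```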

Updates

Lead Judging Commences

hrishibhat Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Chainlink-price

hrishibhat Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

Chainlink-price
