The Standard

DeFi, Hardhat
20,000 USDC
Submission Details
Severity: medium
Invalid

Chainlink's latestRoundData might return stale results

Summary

PriceCalculator.sol uses Chainlink's latestRoundData API, but does not check whether the returned values indicate stale data. This could lead to stale prices being used.

Vulnerability Details

In the PriceCalculator.sol contract, the eurToToken function obtains tokenUsdPrice and eurUsdPrice from latestRoundData without checking whether the data returned by Chainlink is outdated.

    function eurToToken(
        ITokenManager.Token memory _token,
        uint256 _eurValue
    ) external view returns (uint256) {
        Chainlink.AggregatorV3Interface tokenUsdClFeed = Chainlink
            .AggregatorV3Interface(_token.clAddr);
        (, int256 tokenUsdPrice, , , ) = tokenUsdClFeed.latestRoundData();
        (, int256 eurUsdPrice, , , ) = clEurUsd.latestRoundData();
        return
            (_eurValue * uint256(eurUsdPrice)) /
            uint256(tokenUsdPrice) /
            10 ** getTokenScaleDiff(_token.symbol, _token.addr);
    }

The same vulnerability exists in other functions as well.

Impact

This will result in an incorrect price being returned.

Tools Used

Manual review

Recommendations

Add a storage variable heartbeat, used to check that the last answer is not too old, and perform the following checks.

Apply them when getting each of the different token prices, replacing priceFeed with the feed being read:

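    // heartbeat: storage variable holding the maximum accepted age of an answer, in seconds
    (uint80 roundID, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound) = priceFeed.latestRoundData();
    // Compare round ids with each other; updatedAt is a timestamp and cannot be compared with roundID
    require(answeredInRound >= roundID, "Stale price");
    require(startedAt != 0, "Round not complete");
    require(answer > 0, "Chainlink answer reporting 0");
    require(block.timestamp - updatedAt <= heartbeat, "Stale price");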
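
The recommended checks folded into one helper and applied to both feeds that eurToToken reads, as an added example that is not code from PriceCalculator.sol or the project. The contract name CheckedPriceCalculator, the checkedPrice helper, the per-feed heartbeat parameters, and the scaleDiff argument (standing in for getTokenScaleDiff) are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Chainlink feed interface, reduced to the one call used here so the example is self-contained.
interface AggregatorV3Interface {
    function latestRoundData() external view returns (
        uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound
    );
}

// Hypothetical contract: same EUR -> token formula as the page, with validated feed reads.
contract CheckedPriceCalculator {
    AggregatorV3Interface public immutable clEurUsd;
    AggregatorV3Interface public immutable clTokenUsd;
    // Assumption: maximum accepted answer age in seconds, set per feed because
    // feeds do not all update on the same schedule.
    uint256 public immutable eurUsdHeartbeat;
    uint256 public immutable tokenUsdHeartbeat;

    constructor(address _eurUsd, uint256 _eurUsdHeartbeat, address _tokenUsd, uint256 _tokenUsdHeartbeat) {
        clEurUsd = AggregatorV3Interface(_eurUsd);
        clTokenUsd = AggregatorV3Interface(_tokenUsd);
        eurUsdHeartbeat = _eurUsdHeartbeat;
        tokenUsdHeartbeat = _tokenUsdHeartbeat;
    }

    // Reverts instead of returning an outdated, incomplete, zero or negative answer.
    function checkedPrice(AggregatorV3Interface feed, uint256 maxAge) public view returns (uint256) {
        (uint80 roundID, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound) =
            feed.latestRoundData();
        require(answeredInRound >= roundID, "Stale price");
        require(startedAt != 0, "Round not complete");
        require(answer > 0, "Chainlink answer reporting 0");
        // Checked arithmetic (0.8+) also reverts here if updatedAt lies in the future.
        require(block.timestamp - updatedAt <= maxAge, "Stale price");
        return uint256(answer); // safe cast: answer > 0 was enforced above
    }

    // scaleDiff stands in for getTokenScaleDiff(_token.symbol, _token.addr) on the page.
    function eurToToken(uint256 _eurValue, uint256 scaleDiff) external view returns (uint256) {
        uint256 tokenUsdPrice = checkedPrice(clTokenUsd, tokenUsdHeartbeat);
        uint256 eurUsdPrice = checkedPrice(clEurUsd, eurUsdHeartbeat);
        return (_eurValue * eurUsdPrice) / tokenUsdPrice / 10 ** scaleDiff;
    }
}
```

Because both reads go through checkedPrice, a stale or invalid answer on either feed makes eurToToken revert rather than return a price derived from it.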

Updates

Lead Judging Commences

hrishibhat Lead Judge almost 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

Chainlink-price

hrishibhat Lead Judge almost 2 years ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

Chainlink-price
