No error handling in `LiquidationPool::distributeAssets()` for oracle calls
Summary
Calls to Chainlink oracles can potentially revert, which will result in a DOS to LiquidationPool::distributeAssets().
Vulnerability Details
LiquidationPool::distributeAssets() lacks the needed try-catch logic to catch potential reverts of oracle calls. This may occur for the following reasons:
Chainlink's multisig can block access to price feeds
Oracle may malfunction and be temporarily paused
Oracle might be deprecated and replaced with a different one
Error handling should be implemented to catch various such edge cases that might occur in the future. Also, the contract makes use of the EUR/USD price feed and that one is set in the constructor but can't be changed after deployment.
The following lines are affected by this:
L207:
L218:
Impact
Denial of Service to the LiquidationPool::distributeAssets() function. Potentially a permanent one if the EUR/USD feed gets deprecated and replaced since it can't be changed once deployed.
Check the following resource from OpenZeppelin for additional insights on the potential risks involved with this:
https://blog.openzeppelin.com/secure-smart-contract-guidelines-the-dangers-of-price-oracles/
Tools Used
Manual Analysis
Recommendations
Wrap the calls to latestRoundData() in try/catch blocks and handle the revert scenarios by falling back to a different feed or any other way you deem is appropriate for the use case. You should also add a way to be able to change the EUR/USD once live.
Lead Judging Commences
oracle-revert-dos
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.