DeFi, Hardhat, Foundry
250,000 USDC
Submission Details
Severity: high
Invalid

Price check in case the oracle is broken or under attack

Summary

The price returned by the oracle should be sanity-checked, especially when the lookback is 0 (a spot read with no averaging),

in function getEthUsdPrice() internal view returns (uint256)

Vulnerability Details

https://github.com/Cyfrin/2024-05-beanstalk-the-finale/blob/4e0ad0b964f74a1b4880114f4dd5b339bc69cd3e/protocol/contracts/libraries/Oracle/LibEthUsdOracle.sol#L39C14-L39C28

The price can be bizarre or unfair relative to the wider market.

Impact

An unchecked price could be used to manipulate swaps, pricing, and the protocol as a whole.

Tools Used

slither, hardhat

Recommendations

Please add sanity checks, for example a comparison against a TWAP or other price sources:

```solidity
// Inside getEthUsdPrice(), after `price` has been read from the Chainlink feed.
// Get the TWAP for comparison
uint256 twap = LibChainlinkOracle.getTwap(
    C.ETH_USD_CHAINLINK_PRICE_AGGREGATOR,
    LibChainlinkOracle.FOUR_HOUR_TIMEOUT,
    1 hours // Adjust the lookback period for TWAP as needed
);
// If the price is significantly different from the TWAP, treat it as invalid.
// Note: if the TWAP lookup itself failed (twap == 0) the threshold is 0 and any
// non-zero spot price is rejected, so a broken reference never validates a spot read.
uint256 deviationThreshold = twap / 10; // 10% deviation threshold, adjust as needed
if (price > twap + deviationThreshold || price < twap - deviationThreshold) {
    return 0; // Invalid price
}
return price;
```
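The deviation check above, factored out as a pure function so it can be unit-tested in isolation. This is an added example, not code from the submission or from Beanstalk: it assumes the caller already holds a spot price and a TWAP (for instance from LibChainlinkOracle.getPrice and getTwap) where 0 means "unavailable", expresses the threshold in basis points instead of `twap / 10`, and rejects the spot price whenever either input is 0. The `PriceSanity` library, `PriceSanityDemo` contract and `MAX_DEVIATION_BPS` constant are hypothetical names chosen for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example (not Beanstalk code): spot-vs-TWAP sanity check as a pure function.
/// Assumed convention: a price of 0 means the oracle read failed or is stale.
library PriceSanity {
    uint256 internal constant BPS = 10_000;

    /// Returns `spot` if it lies within `maxDeviationBps` of `twap`, otherwise 0.
    /// Returns 0 when either input is 0, so a broken reference price can never
    /// be used to validate an arbitrary spot price.
    function checkedPrice(uint256 spot, uint256 twap, uint256 maxDeviationBps)
        internal
        pure
        returns (uint256)
    {
        if (spot == 0 || twap == 0) return 0;

        // Absolute deviation; ordering the subtraction avoids an underflow revert.
        uint256 diff = spot > twap ? spot - twap : twap - spot;

        // diff / twap > maxDeviationBps / BPS  <=>  diff * BPS > maxDeviationBps * twap
        // Cross-multiplying keeps full integer precision (no truncating division).
        // Solidity 0.8 reverts on overflow, which for realistic 6- or 8-decimal
        // feed values cannot happen here.
        if (diff * BPS > maxDeviationBps * twap) return 0;

        return spot;
    }
}

/// Minimal harness so the check can be deployed and exercised in a test.
contract PriceSanityDemo {
    uint256 public constant MAX_DEVIATION_BPS = 1_000; // 10%

    /// Example (constructed values): check(3_300e6, 3_000e6) returns 3_300e6
    /// (exactly 10% away is still accepted), check(3_301e6, 3_000e6) returns 0,
    /// and check(3_000e6, 0) returns 0 because the TWAP is unavailable.
    function check(uint256 spot, uint256 twap) external pure returns (uint256) {
        return PriceSanity.checkedPrice(spot, twap, MAX_DEVIATION_BPS);
    }
}
```

Expressing the tolerance in basis points lets the threshold be tuned per feed without touching the comparison logic, and treating a zero TWAP as a hard failure (rather than silently producing a 0 threshold) makes the fallback behaviour explicit to anyone reading the code.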
Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Lack of quality

Appeal created

barneyetherguardian Submitter
12 months ago
inallhonesty Lead Judge
12 months ago
inallhonesty Lead Judge 12 months ago
Submission Judgement Published
Invalidated
Reason: Lack of quality
