Potential deployments to L2 networks, should check for active sequencer on Chainlink price feeds
Summary
As mentioned in the protocol's README, and based on the the Temp-Check-5 proposal, it's quite likely a migration to EVM compatible L2 networks will happen. However if the community proposes, through the Beanstalk governance a migration to chains like Arbitrum/Optimism, the retrieved prices from price feeds might be incorrectly perceived as fresh.
Vulnerability Details
As of right now protocol's current usage of Chainlink price feeds, only has a mechanism which returns 0 in case the call to Chainlink aggregator reverts in LibChainlinkOracle::getPrice:
However it doesn't consider whether the sequencer is down for deployments on L2 blockchains. It's important to ensure that the prices provided are not falsely perceived as fresh, even when the sequencer is down. It should be always checked before consuming any data from Chainlink.
Impact
A call to Chainlink is made, but the sequencer is down, and this results in returned prices falsely perceived as fresh.
Impact: Medium, as it might return incorrect prices, which might not be in favor of the protocol
Likelihood: Low, as it requires an accepted proposal by the Beanstalk DAO, and the sequencer must go down
Overall: I consider this as a Low severity because of: Medium (the impact) / Low (the potential proposal) / Low (sequencer down)
Tools Used
Manual Review
Recommendations
Implement functionality to check the sequencer uptime with Chainlink oracles for deploying to L2s.
Reference here: https://docs.chain.link/data-feeds/l2-sequencer-feeds#example-code
Lead Judging Commences
L2 Sequencer check
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.