The _check function in the KeeperProxy contract contains a price validation mechanism that compares the updatedAt timestamp of a Chainlink price feed against block.timestamp - maxTimeWindow[token]. However, the condition require(updatedAt > block.timestamp - maxTimeWindow[token], "stale price feed") causes prices to expire earlier than expected. Specifically, when updatedAt == block.timestamp - maxTimeWindow[token], the function incorrectly considers the price stale and reverts.
The require condition in _check is:
This logic causes the function to revert even when updatedAt is exactly block.timestamp - maxTimeWindow[token].
The price should only be considered stale if updatedAt < block.timestamp - maxTimeWindow[token], but with the current check the price is considered stale when updatedAt <= block.timestamp - maxTimeWindow[token]. This causes unnecessary reverts that reject valid transactions which should have been processed, leading to operational inefficiencies and preventing execution of actions in run, runNextAction, and other functions relying on the _check function.
Manual Review
Modify the require statement in _check as follows:
This change ensures that prices remain valid until updatedAt is strictly less than the threshold, preventing premature expiration.
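The boundary behaviour described above, as an added Solidity example (not the KeeperProxy source and not part of the original submission): checkReported uses the condition quoted in the finding, and checkInclusive uses the inclusive comparison the recommendation describes. The contract name, the function names and the 3600-second window are assumptions made for the illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Added illustration only. The two require conditions follow the finding;
/// every other name and value in this contract is hypothetical.
contract StalenessBoundaryDemo {
    // Constructed sample value standing in for maxTimeWindow[token].
    uint256 public constant MAX_TIME_WINDOW = 3600;

    /// Condition as reported: also reverts when updatedAt equals the threshold.
    function checkReported(uint256 updatedAt) public view returns (bool) {
        require(updatedAt > block.timestamp - MAX_TIME_WINDOW, "stale price feed");
        return true;
    }

    /// Inclusive condition: reverts only when updatedAt is below the threshold.
    function checkInclusive(uint256 updatedAt) public view returns (bool) {
        require(updatedAt >= block.timestamp - MAX_TIME_WINDOW, "stale price feed");
        return true;
    }

    /// Runs both checks on threshold - 1, threshold and threshold + 1 and
    /// records which calls passed (true) and which reverted (false).
    /// Assumes block.timestamp > MAX_TIME_WINDOW; otherwise the checked
    /// subtraction itself reverts under Solidity 0.8.
    function boundaryCases()
        external
        view
        returns (bool[3] memory reported, bool[3] memory inclusive)
    {
        uint256 threshold = block.timestamp - MAX_TIME_WINDOW;
        uint256[3] memory samples = [threshold - 1, threshold, threshold + 1];
        for (uint256 i = 0; i < 3; i++) {
            try this.checkReported(samples[i]) returns (bool ok) {
                reported[i] = ok;
            } catch {
                reported[i] = false;
            }
            try this.checkInclusive(samples[i]) returns (bool ok) {
                inclusive[i] = ok;
            } catch {
                inclusive[i] = false;
            }
        }
    }
}
```

The two result arrays differ only at the middle sample, where updatedAt equals the threshold.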
Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.