The KeeperProxy
doesn't validate if a price exceeds the min/max price
Lets take into consideration the ETH/USD
price feed on arbitrum, since it will be user to fetch the USD price of WETH. if we go to the address of the price feed (0x639Fe6ab55C921f74e7fac1ee960C0B6293ba612) and then to address of the aggregator (0x3607e46698d218B3a5Cae44bF381475C0a5e2ca7) we can see that the min/maxAnswer variables have values different than minAnswer = 1
and maxAnswer = 95780971304118053647396689196894323976171195136475135
. This is a problem because if the price of the corresponding asset exceeds those min/maxAnswer variables, the price starts being invalid and actually harmful for the protocol and its users
There is possibility that the price exceeds the min/maxAnswer
, which will make the price harmful and invalid
Manual review
compare the returned price with the min/maxAnswer
and revert if it exceeds them
Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.